Threat research

Prepare for what's next

Understand threat actors' targets and attack behaviors with the 2024 Elastic Global Threat Report — designed to provide your cybersecurity team with crucial insights for the upcoming year.

Get the free report

Threat research you can't get anywhere else

The annual Elastic Global Threat Report reveals real-world adversary actions through billions of data points from our unique telemetry, built on the Search AI Platform. This year surfaced:

89
%
of Linux behaviors involved Brute Force.
70
%
of endpoint behaviors were Defense Evasion, Execution, and Persistence.
47
%
of Microsoft Azure failures were tied to storage account misconfigurations.

Looking for more?

Check out other assets from the 2024 Elastic Global Threat Report:

Overviews
Webinars

Adversary actions in 2024
Gather crucial intel
Threat trends for SOC leaders
Prepare your organization
How Elastic's CISO uses it
See her strategies

Threat research for everyone

Our team of veteran security researchers, Elastic Security Labs, regularly publishes long-form reports on topics of all kinds, including:

The 2025 State of Detection Engineering at Elastic
Explore how we create, maintain, and assess the SIEM and EDR rulesets for our award winning security solution!
Pull back the curtain
The Elastic Global Threat Report
Targets. Techniques. Forecasts. How are adversaries attacking organizations, and what can security teams expect?
Gather crucial intel
The LLM Safety Assessment
Explore LLM implementation risks, the top 10 most common attacks, and how to mitigate them, all with this report.
Protect your LLMs

Frequently asked questions

What is the Elastic Global Threat Report?

The Elastic Global Threat Report is a report from Elastic Security Labs that explores a full year of telemetry. The Global Threat Report provides a comprehensive look at several threat topics, including malware, cloud, endpoint, and adversarial campaigns. It also provides cybersecurity forecasts for the upcoming year.

Where does Elastic get the threat data from?

What months make up the Global Threat Report?

Where can I find previous reports?

What threat research does Elastic do?

Explore Elastic Security

Empower your SOC
Resist advancing threats with AI-driven security analytics, the future of SIEM.
SIEM, simplified
Work smarter with AI
Detect sooner, investigate faster, and respond before threats have a chance with the Search AI Platform.
AI for Security
Fueled by Elastic Security Labs
Explore detailed security research on threats, malware, protections, and more from our experts.
Study our research

Threat research

Prepare for what's next

Threat research you can't get anywhere else

Looking for more?

Adversary actions in 2024

Threat trends for SOC leaders

How Elastic's CISO uses it

Threat research for everyone

The 2025 State of Detection Engineering at Elastic

The Elastic Global Threat Report

The LLM Safety Assessment

Frequently asked questions

What is the Elastic Global Threat Report?

Where does Elastic get the threat data from?

What months make up the Global Threat Report?

Where can I find previous reports?

What threat research does Elastic do?

Explore Elastic Security

Empower your SOC

Work smarter with AI

Fueled by Elastic Security Labs

Follow us

About us

Join us

Partners

Trust & Security

Investor relations

Excellence Awards