Skip to content

2022 Elastic Global Threat Report

In Elastic Security Labs' inaugural threat report, explore threat phenomena and trends, gleaning recommendations to help you prepare for the future of cybersecurity. Learn about the latest malware research, attack patterns, and clusters of malicious activity from a team of seasoned threat researchers working with a broad set of telemetry data.

From this threat report, you'll come away with an understanding of how to prevent cybersecurity threats through visibility, capability, and expertise — all while joining Elastic in its mission to normalize an open approach to security. Key highlights you don’t want to miss:

  • Nearly 41% of credential access alerts attempted to steal application access tokens versus other credentialed materials
  • A combined 72% of all defense evasion techniques consisted of masquerading and system binary proxy execution
  • CobaltStrike was the most popular malicious binary or payload for Windows endpoints with ~35% of all detections
Cover Global Threat Report


Threat Intelligence

Download report