Case Study: European National Police Agency achieves 10x greater threat-hunting visibility with Elastic Security

Harnessing Elastic to hunt digital threats

The European National Police Agency faced the challenge of securing a major digital transformation across 35,000 connected computers and 250 IT systems while defending against external cyberattacks and malicious insiders. It turned to Elastic, including Elastic Security and Elastic SIEM, to help protect its modernized infrastructure and improve threat detection across its vast environment.

Elastic helped the agency build an Elasticsearch cluster with load balancing and message queueing to search and visualize raw logs, create advanced detection rules, and use machine learning for faster anomaly detection. As a result, the European National Police Agency increased event-processing capacity by 10x, now ingests several billion log records, and gained much better visibility across 35,000 endpoints and network sensors, enabling stronger threat hunting and response.