Skip to content

[Security] Memory dump response action - Windows #4511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
natasha-moore-elastic wants to merge 7 commits into
base: main
Choose a base branch
from
Open

[Security] Memory dump response action - Windows #4511

natasha-moore-elastic wants to merge 7 commits into from
+33 −1

Conversation

@natasha-moore-elastic
Copy link
Contributor

@natasha-moore-elastic natasha-moore-elastic commented Jan 5, 2026
edited
Loading

Summary

Resolves #4028 by documenting the new memory-dump response action for Windows endpoints.

Note

Do not merge before 9.3 is released. This feature is currently behind a feature flag and requires a new version of Elastic Defend, so it will only be released into serverless after 9.3 is GA.

Preview

Endpoint response actions > memory-dump

Generative AI disclosure

  1. Did you use a generative AI (GenAI) tool to assist in creating this contribution?
  • Yes
  • No

Tool(s) and model(s) used:
Cursor, gemini-3-flash

@natasha-moore-elastic natasha-moore-elastic changed the title Memory dump response action [Security] Memory dump response action Jan 5, 2026
@natasha-moore-elastic natasha-moore-elastic self-assigned this Jan 5, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2026
edited
Loading

✅ Vale Linting Results

No issues found on modified lines!

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

natasha-moore-elastic
natasha-moore-elastic commented Jan 5, 2026
View reviewed changes
@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2026
edited
Loading

🔍 Preview links for changed docs

@natasha-moore-elastic natasha-moore-elastic changed the title [Security] Memory dump response action [Security] Memory dump response action - Windows Jan 7, 2026
@natasha-moore-elastic natasha-moore-elastic mentioned this pull request Jan 7, 2026
Open
@natasha-moore-elastic natasha-moore-elastic marked this pull request as ready for review January 8, 2026 13:49
@natasha-moore-elastic natasha-moore-elastic requested a review from a team as a code owner January 8, 2026 13:49
florent-leborgne
florent-leborgne approved these changes Jan 9, 2026
View reviewed changes
Copy link
Contributor

@florent-leborgne florent-leborgne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM from a docs / consistency standpoint

solutions/security/endpoint-response-actions.md

### `memory-dump` [memory-dump]
```yaml {applies_to}
stack: ga 9.3+
Copy link
Contributor

@florent-leborgne florent-leborgne Jan 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🫶

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@florent-leborgne florent-leborgne florent-leborgne approved these changes

@paul-tavares paul-tavares Awaiting requested review from paul-tavares

@raqueltabuyo raqueltabuyo Awaiting requested review from raqueltabuyo

Assignees

@natasha-moore-elastic natasha-moore-elastic

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Internal]: Memory dump response action Windows

3 participants

@natasha-moore-elastic @florent-leborgne