Elastic Security 8.18 and 9.0 bring Automatic Migration for detection rules, a Lookup Join function for ES|QL, several AI feature enhancements, and more!

Elastic Security now supports custom knowledge sources for the Elastic AI Assistant, enabling tailored responses from private data like incident response playbooks, hunting queries, historical incident data, and threat intelligence reports.

Elastic Security 8.16 delivers simplified and seamless data onboarding with agentless integrations, vendor-agnostic cloud security workflows for contextualized threat investigation, and custom knowledge base support for Elastic AI Assistant.

Google Vertex AI works with Elastic AI Assistant and Attack Discovery features to provide security analysts with more choices for sophisticated LLMs and allows Google Cloud customers to select models that are native to their cloud ecosystem.

Elastic Security 8.15 introduces Automatic Import, support for Gemini 1.5 Pro/Flash Models, on-demand scanning for the Elastic Defend integration, a full set of APIs for the Elastic AI Assistant, and a redesigned context pivot in the details flyout.

We’re releasing chat and management APIs for Elastic AI Assistant for Security in our 8.15 release. These new APIs enable users to automate interactions with Elastic AI Assistant, manage conversations and anonymization settings, and more.

Elastic Security is building innovative generative AI features, leveraging the Elastic Search AI Platform and partnering with LangChain. This technical blog shares the engineering underpinnings of this work.

Traditional SIEMs aren’t equipped to address threats fast enough because they rely on too many manual and labor-intensive tasks. AI-driven security analytics from Elastic’s Search AI Platform solves these challenges.

While building our AI Assistant, we keep security at the forefront. This blog explores some of the protections we implemented to mitigate common LLM threat techniques.