Articles

Inside Elastic InfoSec's agentic SOC: cutting alert triage from 30 minutes to under 3
Elastic's InfoSec team built AI agents on Elastic Workflows that investigate every alert and assemble the case before an analyst ever opens it.

How Elastic Infosec Optimizes Defend for Cost and Performance
This article details the internal Elastic Infosec team's process to optimize our endpoint data collection using Event Filtering and Advanced Policy Settings in Elastic Defend.

Automating detection tuning requests with Kibana cases
Learn how to automate detection rule tuning requests in Elastic Security. This guide shows how to add custom fields to Cases, create a rule to detect tuning needs, and use a webhook to create a frictionless feedback loop between analysts and detection engineers.
