Elastic announces AI-driven attack discovery feature

By Dylan Bushell-Embling
Tuesday, 14 May, 2024

Search AI company Elastic has introduced a new feature to its Elastic Security solution designed to help customers distil hundreds of alerts into a critical few with the click of a button.

The new Security Information and Event Management (SIEM) feature, Attack Discovery, allows security operations teams to quickly discover and understand the most impactful attacks, and take immediate follow-up actions to mitigate them.

The security analytics capabilities are powered by Elastic’s Search AI platform, which utilises retrieval augmented generation (RAG) technology to deliver the most relevant search results.

The large language models the Search AI platform is based on make use of the rich, up-to-date data needed to deliver accurate, tailored results. Attack Discovery leverages this platform to query the content generated within Elastic Security alerts using Elasticsearch’s hybrid search capabilities. Searchable data includes host and user risk scores, asset criticality scores, alert severities, descriptions and alert reasons.

Elastic Area VP for ANZ Gavin Jones said the new feature can help Australian organisations withstand the constant, sophisticated and increasingly prevalent attacks they are facing.

“The Australian Cyber Security Centre last year revealed that, on average, a cybercrime report is made every six minutes — with the average cost to businesses increasing by 14% compared to the previous financial year,” he said. “Attack Discovery is a transformative step towards solving the ongoing cybersecurity workforce shortage. Threat investigations that would have taken entire teams can now be investigated by a single analyst in less time.

“This new solution from Elastic Security will ensure analysts and incident responders can reduce time spent on resource-intensive tasks, instead utilising their expertise for threat mitigation and response.”
