Elastic launches AI-powered tool for SOC analysts
Search AI company Elastic has launched a serverless security package aimed at bringing AI-driven detection and triage into existing Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) tools.
The solution, Elastic AI SOC Engine (EASE), uses Elastic’s Attack Discovery platform and an AI assistant to help Security Operations Centre (SOC) analysts more rapidly uncover hidden, coordinated threats. It is designed for deployment in security environments that utilise Splunk, Microsoft Sentinel, CrowdStrike, and other popular tools.
It supports agentless integrations by ingesting alerts from third-party platforms, allowing users to apply AI analysis to alerts. The solution can be used to triage, correlate and prioritise alerts, and data connections can enrich investigations with knowledge from sources including Jira, GitHub, and SharePoint.
Elastic GM for Observability and Security Santosh Krishnan said in today’s threat environment, SOC analysts can be overwhelmed by high alert volumes.
“EASE brings Elastic’s proven AI capabilities into the security tools teams already use, to automatically prioritise threats, correlate alerts, and accelerate investigations, reducing the load on teams,” he said. “When ready, teams can seamlessly migrate to Elastic Security for a unified, AI-driven platform that brings together SIEM, EDR, and cloud security, without missing a beat.”
BeyondTrust launches beta solution for taming AI agents
BeyondTrust's in-beta AI Agent Security is designed to prevent AI coworkers and autonomous...
DigiCert launches Quantum Central tool
DigiCert's recently launched Quantum Central solution can help security and IT teams prepare...
Guest accounts a major threat to IT environments: report
Kaseya's 2026 SaaS Security Report found that SMBs are leaving themselves exposed to attack...
