Friday, 25 April 2025
31.1 C
Singapore
36.6 C
Thailand
28.5 C
Indonesia
29.2 C
Philippines

Elastic revolutionises SIEM with AI-driven analytics

Elastic revolutionises SIEM with its new AI-driven security analytics, enabling SOCs to prioritise attacks efficiently and enhance their operational response.

Elastic, known as the Search AI Company, has unveiled a new AI-driven security analytics platform set to transform traditional Security Information and Event Management (SIEM) approaches for Security Operation Centres (SOCs). Their latest feature, Attack Discovery, simplifies the detection process by filtering hundreds of alerts to highlight the most critical attacks using just one click. This innovation, powered by Elastic’s Search AI platform, automates much of the manual configuration, investigation, and response tasks that have long burdened security teams.

The Search AI platform integrates search and retrieval augmented generation (RAG), drawing on advanced search technology to produce highly relevant results swiftly. This approach ensures that Elastic’s security solutions are built on rich, current data, crucial for delivering precise outcomes tailored to specific security needs.

Transforming alert management with Attack Discovery

Attack Discovery stands out by utilising the Search AI platform to sort through alerts and identify key details that should be assessed. Leveraging Elastic’s Elasticsearch, the feature queries the vast context available in Elastic Security alerts, retrieving pertinent data such as host and user risk scores and alert reasons. This enables the system to instruct the underlying large language models (LLMs) to prioritise the most significant attacks efficiently.

Ravi Rajendran, area vice president of Southeast Asia at Elastic, highlighted the significance of this innovation for Singapore, noting the Cyber Security Agency of Singapore’s findings: two in five businesses in the country struggle with adequate cybersecurity resources despite frequent incidents. “Attack Discovery will empower businesses to slash the resource burden, freeing security teams from the grind of low-level tasks. This allows them to focus their expertise on what matters most: responding to and mitigating real threats,” Rajendran explained.

Proactive cybersecurity measures are essential for business survival

Asjad Athick, Elastic’s Cybersecurity Lead for Asia Pacific and Japan, discussed the high stakes of cybersecurity incidents, emphasising the potential for data loss, reputation damage, and severe financial consequences, especially for small and medium-sized enterprises. “This is why proactive cybersecurity measures are crucial for businesses to protect their public image and ensure survival in today’s ever-evolving threat landscape,” Athick stated, underscoring the importance of swift detection and response to protect businesses in a rapidly evolving threat environment.

In typical SOCs across Singapore, analysts manually sift through thousands of alerts daily, a tedious and error-prone process. Elastic Security’s Attack Discovery automates this by filtering out irrelevant alerts and mapping significant ones to specific attack chains, allowing analysts to focus on genuine threats. This efficient triage process facilitated by LLMs aids analysts in spending less time on preliminary alert assessments and more on detailed investigations and resolutions.

Since its inception in 2019, Elastic Security has expanded to include over 100 prebuilt machine learning-based anomaly detection jobs and, more recently, the Elastic AI Assistant for Security, which aids SOC analysts in rule authoring, alert summarisation, and integration recommendations.

Hot this week

Intel’s new CEO reshapes leadership, promotes AI chief and plans closer work with engineers

Intel CEO Lip-Bu Tan is reshaping leadership, promoting a new AI chief, and aiming for a leaner, more engineering-driven company.

Global PC shipments rise 6.7% in early 2025 as AI and tariffs drive demand

PC shipments rose 6.7% in Q1 2025, boosted by AI demand and tariff concerns, but growth is expected to slow later in the year.

Netflix raises subscription prices in Singapore again

Netflix again raises subscription prices in Singapore, with new rates for all plans and extra member slots.

Chinese tech companies race to expand AI services using new open-standard protocol

Chinese tech firms race to adopt MCP, boosting AI agent use and shaping the future of smart services in payment, maps, and cloud tools.

Bethesda releases The Elder Scrolls IV: Oblivion Remastered – and you can play it now

Bethesda released Oblivion Remastered, which features full visual upgrades and quality-of-life improvements and is now available across major platforms.

OpenAI says it would consider buying Google Chrome if offered

OpenAI told a judge it would be open to buying Google Chrome if it were sold as part of the US antitrust case against Google.

WhatsApp adds new Advanced Chat Privacy feature to boost group chat security

WhatsApp's new Advanced Chat Privacy feature helps stop group chat content from being shared or saved outside the app.

Global PC shipments rise 6.7% in early 2025 as AI and tariffs drive demand

PC shipments rose 6.7% in Q1 2025, boosted by AI demand and tariff concerns, but growth is expected to slow later in the year.

GITEX to launch in Vietnam, unlocking growth in Southeast Asia’s digital economy

GITEX announces debut in Vietnam for October 2026, spotlighting its growing tech economy and boosting Southeast Asia’s digital innovation.

Related Articles

Popular Categories