Elastic Security on Elastic Cloud Serverless enters general availability

Elastic Security on Elastic Cloud Serverless empowers security teams to get up and running quickly, complementing existing options for on-premises, hybrid cloud, and multi-cloud infrastructures. This unmatched versatility ensures that your strategy can adapt with evolving business needs.

The solution is engineered for SIEM, endpoint security, and cloud security use cases. You can operationalize these capabilities right away, which is especially valuable for organizations replacing a legacy SIEM like Splunk or QRadar.

Serverless elevates practitioners with guided onboarding to ramp up swiftly and with a focused UI for core SecOps workflows. To further accelerate investigation and response, Elastic AI Assistant for Security provides analysts with valuable guidance, insights, and context.

Elastic Cloud Serverless reduces total cost of ownership by delivering Elastic Security as a fully managed solution that dynamically scales to meet the needs of security teams.

The offering eliminates the operational overhead of managing infrastructure for security software. Practitioners can focus on their mission while Elastic handles administrative tasks like provisioning, scaling, monitoring, and upgrades.

Elastic Cloud Serverless delivers AI-driven security analytics using the efficient and performant Elastic Search AI Lake. With a new cloud-native architecture optimized for both short- and long-term retention, you can analyze data from across your holistic attack surface — even from years of archives. The solution further reduces storage costs by minimizing data duplication and applying advanced compression techniques and codecs, making it ideal for enterprise-wide security operations. We’ve validated performance at petabyte scale and are enhancing scalability further in future releases.

Serverless is engineered for organizations that need Elastic Security’s innovative features and optimized for centralized security operations center (SOC) teams deploying in the cloud. The offering is available on AWS (in four regions and counting) with support for additional cloud providers on the horizon.

The following Elastic Security features equip practitioners to address challenges faster:

• Collect and normalize popular data sources with prebuilt integrations and further broaden visibility by creating custom integrations with Automatic Import.

• Visualize data on prebuilt and custom dashboards and quickly query the Search AI Lake.

• Activate field-tested machine learning (ML) jobs and detection rules based on MITRE ATT&CK® coverage and create new ones with Elastic AI Assistant for Security.

• Triage a flood of alerts down to the few attacks that matter with our Attack Discovery feature and uncover unknown threats with advanced analytics.

• Elevate analysts with an intuitive UI and context-aware AI guidance.

The AI capabilities of Elastic Security on Elastic Cloud Serverless are made possible by the Elastic Search AI Platform. Customers can choose from a growing set of large language model (LLM) options, ranging from frontier models like Anthropic Claude to custom models via LM Studio. It grounds responses in real-time organizational context, such as user risk score, asset criticality, and host context, using retrieval augmented generation (RAG) to provide meaningful insights.

Elastic Security on Elastic Cloud Serverless is the fastest and easiest way to experience AI-driven security analytics. Try it now.