NEW in Elastic 8.14: Attack Discovery, GA of ES|QL, and AI Assistant features

Elastic 8.14 is now available! This release supports our mission to modernize security operations with AI-driven security analytics. 8.14 includes major features like the brand new Attack Discovery, significant enhancements to Elastic AI Assistant for Security, and the general availability of ES|QL — all of which provide the SOC with contextual, streamlined SecOps. 

Elastic Security 8.14 is available now on Elastic Cloud — the only hosted Elasticsearch offering to include all of the new features in this latest release. You can also download the Elastic Stack and our cloud orchestration products — Elastic Cloud Enterprise and Elastic Cloud for Kubernetes — for a self-managed experience.

What else is new? Check out the Elastic 8.14 announcement post to learn more.

Leveraging generative AI, Attack Discovery seamlessly transforms a flood of alerts into a clear and comprehensive overview of attack progressions, enabling teams to respond to cyber threats with exceptional precision and speed. By connecting isolated alerts into a cohesive narrative to reveal attack sequences, this feature uncovers underlying coordinated attacks, simplifies the communication of attack progressions, and allows analysts to trace the entire attack chain and produce comprehensive reports with actionable insights. Additionally, the seamless integration with the Elastic AI Assistant enables analysts to ask follow-up questions and requests like “How can I remediate this threat?” and “Provide me with an ES|QL query that isolates actions taken by this user.”

You can check out a short demo of this feature here.

As part of the 8.14 release, Elastic AI Assistant also persists chats — ensuring seamless access to conversations across devices and sessions and eliminating the disruption of lost context. This feature improves productivity by allowing users to effortlessly continue their interactions from where they left off. Additionally, persisted chat logs allow for the creation of alerts, enabling traceability and easy follow up. 

Moreover, the integration of advanced role-based access control (RBAC) enhances security by limiting who can modify these critical settings within the organization. This added layer of control ensures that only authorized personnel can adjust anonymization and field settings, reinforcing the organization’s data protection strategy.

Elastic's open framework facilitates seamless integration with various LLM providers, including locally hosted models, enabling adaptation to the rapidly evolving AI landscape. Elastic Security enhances its AI-driven workflows with the integration of Anthropic’s Claude 3 family of models for AI Assistant and Attack Discovery. By supporting all major LLM providers, we offer users the flexibility to choose models that best fit their operational needs and budget. 

Claude 3 models, known for their larger context window and cost-effective performance, provide more precise and context-aware threat detection, enhancing the identification and response to complex threats. The Claude 3 family includes the Haiku, Sonnet, and Opus models — each tailored to different use cases, ensuring that security teams can select the optimal model for their specific requirements. Haiku offers a cost-effective solution for simple queries; Sonnet strikes a balance between affordability and precision; and Opus delivers high accuracy for critical security scenarios.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any control over the third party tools and we have no responsibility or liability for their content, operation or use, nor for any loss or damage that may arise from your use of such tools. Please exercise caution when using AI tools with personal, sensitive or confidential information. Any data you submit may be used for AI training or other purposes. There is no guarantee that information you provide will be kept secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. 

Elastic, Elasticsearch, ESRE, Elasticsearch Relevance Engine and associated marks are trademarks, logos or registered trademarks of Elasticsearch N.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.