Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import.
This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom data integrations. With Automatic Import, Elastic Security now adds custom data sources faster than any competing security analytics solution— from up to several days to less than ten minutes— facilitating broader visibility and easier SIEM implementation.
One of Elastic’s largest security customers recently migrated nearly 200 data sources, including many custom technologies. Customers of this scale can now save hundreds of hours of consulting time and weeks to months of implementation time.
“Automatic Import addresses one of the biggest headaches of switching SIEMs: onboarding custom data sources,” said Michelle Abraham, research director, Security and Trust at IDC. “The feature automates the development of new data integrations, reducing the cost, complexity and stress of migration.”
Automatic Import applies generative AI to expedite labor-intensive SecOps tasks, building on previous Elastic AI-driven security analytics innovations like Elastic AI Assistant, which answers security questions and guides practitioner workflows, and Attack Discovery, which automates alert triage. Elastic can mitigate the security challenges intrinsic to fast-changing environments and messy data due to the company’s ability to handle unstructured data at scale and surface relevant insights via Large Language Models and RAG.
Powered by the Elastic Search AI Platform, Automatic Import provides model-agnostic access to harness the knowledge from large language models (LLMs) and the ability to ground answers in proprietary data using retrieval augmented generation (RAG). This is made possible by the flexibility of Search AI Lake and the company’s expertise in enabling security teams to leverage data of any kind.
“Automatic Import makes building and testing custom data integrations easier, helping us quickly enhance visibility throughout our environment,” said Nate Thompson, senior manager, Cybersecurity Analytics & Automation at Dana Inc.
Elastic Security ships with 400+ prebuilt data integrations, and Automatic Import makes it practical to extend visibility beyond these to an evolving array of security-relevant technologies and applications. These integrations normalize data to Elastic Common Schema (ECS), enabling uniform analysis with dashboards, search, alerting, machine learning, and more.
“Establishing visibility across an enterprise IT environment is inherently difficult, but no matter how the attack surface changes, security teams can’t afford to fly blind. Until now, onboarding custom data has been costly and complex,” said Mike Nichols, vice president of product for security at Elastic. “Automatic Import arrives at a critical moment to address these challenges, as organizations explore replacement options for their legacy SIEM tools.”
Automatic Import is launching with support for Anthropic models via Elastic’s connector for Amazon Bedrock. It supports JSON and NDJSON-based log formats.
Automatic Import is available to all customers with an Enterprise license.
The Latest
Artificial intelligence (AI) is rapidly reshaping industries around the world. From optimizing business processes to unlocking new levels of innovation, AI is a critical driver of success for modern enterprises. As a result, business leaders — from DevOps engineers to CTOs — are under pressure to incorporate AI into their workflows to stay competitive. But the question isn't whether AI should be adopted — it's how ...
The mobile app industry continues to grow in size, complexity, and competition. Also not slowing down? Consumer expectations are rising exponentially along with the use of mobile apps. To meet these expectations, mobile teams need to take a comprehensive, holistic approach to their app experience ...
Users have become digital hoarders, saving everything they handle, including outdated reports, duplicate files and irrelevant documents that make it difficult to find critical information, slowing down systems and productivity. In digital terms, they have simply shoved the mess off their desks and into the virtual storage bins ...
Today we could be witnessing the dawn of a new age in software development, transformed by Artificial Intelligence (AI). But is AI a gateway or a precipice? Is AI in software development transformative, just the latest helpful tool, or a bunch of hype? To help with this assessment, DEVOPSdigest invited experts across the industry to comment on how AI can support the SDLC. In this epic multi-part series to be posted over the next several weeks, DEVOPSdigest will explore the advantages and disadvantages; the current state of maturity and adoption; and how AI will impact the processes, the developers, and the future of software development ...
Half of all employees are using Shadow AI (i.e. non-company issued AI tools), according to a new report by Software AG ...
On their digital transformation journey, companies are migrating more workloads to the cloud, which can incur higher costs during the process due to the higher volume of cloud resources needed ... Here are four critical components of a cloud governance framework that can help keep cloud costs under control ...
Operational resilience is an organization's ability to predict, respond to, and prevent unplanned work to drive reliable customer experiences and protect revenue. This doesn't just apply to downtime; it also covers service degradation due to latency or other factors. But make no mistake — when things go sideways, the bottom line and the customer are impacted ...
Organizations continue to struggle to generate business value with AI. Despite increased investments in AI, only 34% of AI professionals feel fully equipped with the tools necessary to meet their organization's AI goals, according to The Unmet AI Needs Surveywas conducted by DataRobot ...
High-business-impact outages are costly, and a fast MTTx (mean-time-to-detect (MTTD) and mean-time-to-resolve (MTTR)) is crucial, with 62% of businesses reporting a loss of at least $1 million per hour of downtime ...
Organizations recognize the benefits of generative AI (GenAI) yet need help to implement the infrastructure necessary to deploy it, according to The Future of AI in IT Operations: Benefits and Challenges, a new report commissioned by ScienceLogic ...
