Elastic AI Assistant Shows What an AI Assistant Can Become

Elastic AI Assistant Shows What an AI Assistant Can Become

This IDC Market Perspective looks at the announcement of Elastic AI Assistant, which offers security practitioners a chat interface to ask questions using natural language. Generative AI and its close kin ChatGPT are not "like to have" capabilities in the cybersecurity stack as much as these are seminal requirements. The first iterations of generative AI have been seen in the incident detection and response (IDR) stack. Analysts use natural language processing (NLP) to assemble timelines, refine threat intelligence research, determine risk, find artifacts on networks, and then begin guided threat hunting. These tasks seem remedial, but these are exceptionally time consuming and prone to user error. The first formal general availability announcement of a generative AI, ChatGPT digital assist was made by Microsoft and its announcement of Security Copilot, but several companies have followed suit. (It should be noted that many companies would dispute Security Copilot was the first, although its technology was the first ChatGPT specific. Indeed, generative AI has been a part of different aspects of SIEM, threat intelligence, and security automation for some time now.)Applying generative AI to the seminal stages of IDR should not be glazed over. This is a massive achievement that helps and will help cybersecurity generalists as well as more refined cybersecurity teams. But cybersecurity is not limited to IDR: truly it entails the proper prepping of the network environment (understand configurations and data structure), ties into line of business, and integrates search proactively into observation and new use cases. Elastic Assistant AI is a positive realization in that direction. "In truth, we don't fully realize the potential gains and possible hazards coming from the use of widespread generative AI," said Chris Kissel, research vice president, Security and Trust at IDC. "The recent platform announcements of what can be deemed as digital assistants are revelatory. Elastic AI Assistant joins this new class of tools. But Elastic realizes that cybersecurity only exists within the context of the network and the business at large. Several capabilities in AI Assistant such as helping customers properly format data for ingest make its platform safer and more accurate than competing generative AI platforms."

Please Note: Extended description available upon request.