Program



Track D (Hall D)
2025.8.26 14:40 ~ 15:20
Innovations in Security Operations Through AI-Powered Threat Detection and Response

Elasticsearch Korea

Greg Song, Principal Solutions Architect


Security teams often spend a significant amount of time and resources identifying real threats among a flood of alerts. Investigating a single SIEM alert can take 10 to 15 minutes on average, limiting the number of alerts that can be effectively addressed each day. In this session, we will demonstrate how Elastic Security’s AI-driven threat analysis capabilities enable analysts to gather contextual information within a minute, allowing them to quickly distinguish between false positives and true threats. We’ll also showcase how generative AI and the AI Assistant can be used to automatically generate incident response reports, illustrating how AI is driving real innovation and efficiency in security operations.