SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Elastic unveils AI-powered migration tool for legacy SIEM users

Elastic has unveiled a new feature designed to simplify the often complex and time-consuming process of migrating from legacy Security Information and Event Management (SIEM) systems. Known as Automatic Migration, the feature applies generative AI and semantic search to translate and map detection rules into the Elastic Security platform—eliminating the need for manual rule rebuilding.

Announced on 30 April, the capability is intended to reduce the cost, risk, and operational burden for organisations looking to modernise their security operations with Elastic.

"Many security teams are stuck using their inefficient SIEMs due to the significant time and money it takes to transition to a modern solution, with migrating detection rules, dashboards, and other artifacts among the most challenging aspects for migration," said Santosh Krishnan, general manager of Security and Observability at Elastic.

"By mapping and translating existing SIEM artifacts, Automatic Migration reduces the cost, complexity, and risk that comes with SIEM migration," he said.

The core functionality of Automatic Migration lies in its ability to automatically map existing SIEM detection rules to Elastic-built rules using semantic search, rather than relying on exact text matches. Where mappings are unavailable, the feature uses generative AI grounded in custom knowledge to translate unmatched rules—along with associated lookups and macros—into functional Elastic queries.

The announcement is part of Elastic Security's broader effort to integrate more AI-powered capabilities into its platform.

Automatic Migration joins existing features such as Automatic Import, Attack Discovery, and the Elastic AI Assistant—each aimed at streamlining security operations through automation and machine learning.

This move by Elastic comes as organisations continue to face mounting challenges in scaling and modernising their cybersecurity infrastructure, especially as existing SIEM solutions struggle to keep up with the growing volume and complexity of data.

Elastic's approach centres on lowering the technical barriers associated with transitioning SIEM systems, which often involves time-intensive manual processes, including rule rewrites, dashboard configurations, and adapting data pipelines. By automating these critical tasks, the company aims to make the switch to Elastic Security more viable for organisations of various sizes.

Automatic Migration is now available in technical preview for customers on the Enterprise licence tier or those subscribed to the Security Analytics Complete tier of Elastic Cloud Serverless.

According to Elastic, the new capability reflects its commitment to helping organisations "find the answers they need in real-time using all their data, at scale." Elastic's suite of products spans search, observability, and security—all of which are built on its proprietary Search AI Platform.

While the announcement focuses squarely on easing the transition away from legacy SIEMs, the broader context suggests Elastic is positioning itself as a more agile and AI-forward alternative to established security platforms that often require substantial manual upkeep and custom development.

The Automatic Migration feature is expected to appeal to organisations that have been hesitant to abandon their current SIEM investments due to migration challenges. By lowering those hurdles, Elastic hopes to drive broader adoption of its security analytics platform and make advanced threat detection more accessible.

In introducing Automatic Migration, Elastic is targeting a major friction point in enterprise cybersecurity strategy: how to migrate away from entrenched systems without disrupting operations or increasing vulnerability during the transition.

Krishnan added, "Automatic Migration complements Elastic Security's expansive suite of AI-driven security analytics features," reinforcing the company's message that automation and AI are central to its ongoing development strategy.

Elastic joins a growing number of technology vendors using generative AI to tackle practical enterprise challenges, particularly those that demand speed, accuracy, and a deep understanding of context—traits that traditional rule-based systems often lack.

As organisations continue to assess the value and limitations of their legacy security infrastructure, solutions like Elastic's Automatic Migration may offer a compelling path forward for those seeking a more modern, efficient, and scalable approach to SIEM.
