Gagan Singh of Elastic discuses how agentic AI systems reduce analyst burnout by automatically triaging security alerts, resulting in measurable ROI for organizations

Topics Include:

• AI breaks security silos between teams, data, and tools in SOCs
• Attackers gain system access; SOC teams have only 40 minutes to detect/contain
• Alert overload causes analyst burnout; thousands of low-value alerts overwhelm teams daily
• AI inevitable for SOCs to process data, separate false positives from real threats
• Agentic systems understand environment, reason through problems, take action without hand-holding
• Attack discovery capability reduces hundreds of alerts to 3-4 prioritized threat discoveries
• AI provides ROI metrics: processed alerts, filtered noise, hours saved for organizations
• RAG (Retrieval Augmented Generation) prevents hallucination by adding enterprise context to LLMs
• AWS integration uses SageMaker, Bedrock, Anthropic models with Elasticsearch vector database capabilities
• End-to-end LLM observability tracks costs, tokens, invocations, errors, and performance bottlenecks
• Junior analysts detect nation-state attacks; teams shift from reactive to proactive security
• Future requires balancing costs, data richness, sovereignty, model choice, human-machine collaboration

Participants:

• Gagan Singh – Vice President Product Marketing, Elastic

Additional Links:

• Elastic – LinkedIn - Website – AWS Marketplace

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/