[Security] [Serverless: Jan 6] Entity summary #4443
Conversation
Vale Linting ResultsSummary: 2 suggestions found |
🔍 Preview links for changed docs |
natasha-moore-elastic
requested review from
hop-dev,
jaredburgettelastic and
machadoum
leemthompo
left a comment
leemthompo
left a comment
There was a problem hiding this comment.
rubberstamp for dev docs :)
benironside
left a comment
benironside
left a comment
There was a problem hiding this comment.
It looks great, no edits on the copy 👏
I'm left wondering how to choose which AI connector this uses.
Also it might be good to include this in the list of features in https://www.elastic.co/docs/explore-analyze/ai-features, as part of this PR or a different one.
Good question – AFAIK, any connector would work, but I can check with the SMEs if there are any we’d particularly recommend for this feature.
Good shout, will do! |
| [Entity summary](/solutions/security/advanced-entity-analytics/view-entity-details.md#entity-summary), available in the entity details flyout, uses AI to generate a summary of a user's or host's security context. It aggregates information such as risk scores, asset criticality, vulnerabilities, and {{ml}} anomalies to provide a consolidated view of the entity's security posture. The summary helps you prioritize investigations and identify recommended next steps. | ||
| This feature requires an [LLM connector](/explore-analyze/ai-features/llm-guides/llm-connectors.md). |
There was a problem hiding this comment.
Hey @benironside, we currently repeat this sentence for each individual Security feature – I wonder if it's sufficient that the intro paragraph (line 107) mentions that all of these features require an LLM connector?
Summary
Resolves #3818 by documenting the new Entity summary section in the entity details flyout.
Preview: Entity details flyout
Generative AI disclosure
Tool(s) and model(s) used:
Cursor, composer-1