elastic · natasha-moore-elastic · Dec 23, 2025 · Dec 23, 2025 · Dec 24, 2025 · natasha-moore-elastic
@@ -145,3 +145,14 @@ This feature requires an [LLM connector](/explore-analyze/ai-features/llm-guides
 * **Third-party antivirus (AV) software**: Identify installed third-party antivirus (AV) products that might conflict with {{elastic-defend}}.
 
 This feature requires an [LLM connector](/explore-analyze/ai-features/llm-guides/llm-connectors.md).
+
+
+### Entity summary
+```yaml {applies_to}
+stack: ga 9.3
+serverless: ga
+```
+
+[Entity summary](/solutions/security/advanced-entity-analytics/view-entity-details.md#entity-summary), available in the entity details flyout, uses AI to generate a summary of a user's or host's security context. It aggregates information such as risk scores, asset criticality, vulnerabilities, and {{ml}} anomalies to provide a consolidated view of the entity's security posture. The summary helps you prioritize investigations and identify recommended next steps.
+
+This feature requires an [LLM connector](/explore-analyze/ai-features/llm-guides/llm-connectors.md).
@@ -18,6 +18,7 @@
 
 The entity details flyout includes the following sections:
 
+* {applies_to}`serverless: ga` {applies_to}`stack: ga 9.3` [Entity summary](#entity-summary), which allows you to generate an AI summary of the entity.
 * [Entity risk summary](#entity-risk-summary), which displays entity risk data and inputs.
 * [Asset Criticality](#asset-criticality), which allows you to view and assign asset criticality.
 * [Insights](#insights), which displays vulnerabilities or misconfiguration findings for the entity.
@@ -28,6 +29,40 @@
 :screenshot:
 :::
 
+### Entity summary
+```yaml {applies_to}
+stack: ga 9.3
+serverless: ga
+```
+
+::::{note}
+* To generate an AI summary, you need to configure a [generative AI connector](kibana://reference/connectors-kibana/gen-ai-connectors.md).
+* This feature is only available for users and hosts.
+::::
+
+The **Entity summary** section allows you to generate an AI-powered summary of the entity's security context. Click **Generate** to create a comprehensive overview that aggregates information from:
+
+* Risk scores and risk inputs
+* Asset criticality levels
+* Vulnerabilities and misconfigurations
+* {{ml-cap}} anomalies associated with the entity
+
+The summary provides a consolidated view of the entity's security posture, helping you quickly assess its significance and prioritize investigations. It includes information such as:
+
+* The entity's current risk score with details about which alerts or rules contribute most significantly to the score
+* The entity's asset criticality level and how it contributes to the overall risk score
+* Details about detected vulnerabilities, including CVE identifiers, CVSS scores, affected packages or systems, and remediation guidance
+* Recommended next steps based on the entity's security posture, such as updating vulnerable packages, investigating specific alerts, or implementing additional security controls
+
+::::{tip}
+If you have [AI Assistant](/solutions/security/ai/ai-assistant.md) set up, you can select **More actions** ({icon}`boxes_vertical`) → **Ask AI Assistant** to continue the conversation about the entity in AI Assistant.
+::::
+
+:::{image} /solutions/images/security-entity-summary.png
+:alt: Entity summary
+:screenshot:
+:::
+
 ### Entity risk summary
 
 ::::{admonition} Requirements