SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

Elastic launches AI-powered migration program for SIEM users

Tue, 13th Aug 2024

Elastic has announced the launch of Elastic Express Migration, a new program designed to expedite the transition for organisations migrating from legacy Security Information and Event Management (SIEM) solutions to Elastic’s AI-driven security analytics platform. The initiative aims to address the significant challenges organisations face during such transitions by offering financial incentives and technical support.

The Elastic Express Migration program includes two primary incentives: migration credits to alleviate the costs associated with maintaining dual vendors during the transition, and service credits that can be used for Elastic’s professional migration services. These incentives are structured around Elastic’s consumption-based pricing model.

Santosh Krishnan, general manager of Security at Elastic, highlighted the difficulties faced by organisations when migrating from traditional SIEM systems, stating, "Migrating a SIEM or log analytics solution has typically been very painful, and this is often why most organisations stay on outdated technology. Today, we're easing migration for organisations looking to move away from their existing solutions with Elastic Automatic Import and the Elastic Express Migration program."

Traditional SIEM solutions are increasingly being replaced in modern Security Operations Centers (SOCs) by AI-based security analytics. These solutions employ AI technologies, such as Search AI, to automate many processes that were previously handled manually. However, transitioning to these modern systems has historically involved significant effort in onboarding all the organisation’s data sources and transferring detection rules from the old SIEM. This process, compounded by the constraints of existing multi-year contracts, has created substantial friction and delays in adopting modern SIEM advancements.

To mitigate these challenges, Elastic has introduced Automatic Import, a feature that automates the development of custom data integrations, significantly reducing the effort required to migrate a SIEM. Coupled with over 400 prebuilt integrations provided by Elastic, this tool aims to simplify the complex process of data onboarding.

Furthermore, Elastic's AI Assistant tool aids in auto-converting existing detection rules, enabling organisations to leverage the platform’s sophisticated querying capabilities, including the new ES|QL query language. Braxton Williams, a security analyst at The Texas A&M University System, expressed satisfaction with these advancements, affirming, "The biggest advantage of Elastic is that it excels in so many areas. To achieve the same results, you'd need to deploy three or four separate products from other vendors. As an organisation that's responsible for public budgets, it's great that we can demonstrate value in the procurement of critical security software."

Elastic Express Migration also extends its benefits to organisations aiming to migrate their logging and application performance monitoring use cases to Elastic's observability solution. This inclusive approach is intended to provide a comprehensive solution for diverse organisational needs across security and observability domains.
