ACCORDING to David Elgut, 12 May 2026, Elastic Security is the first security vendor to ship an interactive UI in AI tools, allowing analysts to triage alerts, hunt threats, correlate attack chains, and open cases all from inside the AI conversation. The Elastic Security MCP App brings the six core dashboards—Alert Triage, Attack Discovery, Case Management, Detection Rules, Threat Hunt, and Sample Data—into the chat, with each tool returning a compact text summary plus an inline React UI.
It builds on existing Elastic security capabilities, with Attack Discovery and Agent Builder already powering context-rich insights, while the MCP App delivers a visual workflow inside Claude Desktop, Claude[.]ai, VS Code Copilot, Cursor, or any compatible host. Every action writes back to Elasticsearch and Kibana through familiar APIs, preserving context across the conversation and sessions.
The walkthrough explains generating sample data, triaging alerts, running threat hunts in ES|QL, opening cases, and applying a seamless end-to-end SOC flow, all without tab switching.