THREAT OPS › Threat News › From vulnerability report to CVE draft in minutes: how Elastic automated security advisories with AI
From vulnerability report to CVE draft in minutes: how Elastic automated security advisories with AI
<p>Elastic's InfoSec Product Security Team built a generative AI agent using Elastic Agent Builder that drafts complete CVE security advisories (CWE classification, CAPEC methodology, CVSS scoring, and mitigation guidance) directly from raw vulnerability reports. The agent uses RAG against the MITRE CWE and CAPEC catalogues indexed in Elasticsearch, which grounds its output in authoritative data a
MITRE ATT&CK techniques
- ServerlessT1583.007
- VulnerabilitiesT1588.006
- ServerlessT1584.007
- ServerlessAML.T0008.004
- Generative AIAML.T0016.002
- System PromptAML.T0069.002
Indicators of compromise
- https://www.first.org/standards/frameworks/psirts/psirt_services_framework_v1.1url
- https://discuss.elastic.co/c/announcements/security-announcements/31url
- https://www.cve.org/url
- https://euvd.enisa.europa.eu/url
- https://jvn.jp/en/url
- https://genai.owasp.org/llmrisk/llm092025-misinformation/url
- https://discuss.elastic.co/t/metricbeat-8-19-10-9-1-10-9-2-4-security-update-esa-2026-01/384519url
- docker.elastic.codomain