





























Elastic has announced MCP Apps for Elastic, delivering agent-native UI experiences for security and observability workflows across third-party coding tools and chat clients. The new MCP Apps enable teams to investigate threats, diagnose system behavior, and act on data directly within the AI tools they already use, without switching tools or stitching together separate systems.
Built on the Model Context Protocol (MCP) apps spec, the open standard co-authored by Anthropic and OpenAI, these apps allow AI assistants to return fully interactive user interfaces rendered directly within environments such as Claude, VS Code, GitHub Copilot, Goose, Postman, and MCPJam.
Most AI integrations stop at conversational text. That works for simple queries, but breaks down for workflows that are inherently visual and interactive, including alert triage, investigation graphs, dashboards, and distributed traces. Elastic’s MCP Apps close that gap by supporting security and observability workflows in a live AI-native interface that users can explore, filter, and act on, allowing teams to manage threat detection or system diagnosis without leaving the conversation.
“The MCP App for Elastic Security bridges the gap between automated detection and manual hunting,” said Mandy Andress, CISO of Elastic. “By bringing our security data directly into a single interface within Claude Desktop, we surfaced ‘silent’ threats in under an hour, risks that didn’t trigger standard alerts but required immediate action. It’s a force multiplier for our analysts.”
“Our customers are increasingly working inside AI-native environments,” said Ken Exner, chief product officer at Elastic. “With our MCP Apps, Elastic meets them there by bringing security, observability, and search workflows into the AI tools that they are using so that teams can investigate threats and diagnose systems without switching tools. The answer is no longer a summary, it’s the workflow itself.”
While early MCP App adopters have focused on productivity tools like Amplitude, Asana, Figma, and Slack, the Elastic Security MCP App enables analysts to triage alerts, run ES|QL queries, investigate threats, and manage cases through interactive views rendered directly in the conversation. Workflows such as alert lists, process trees, and investigation graphs remain interactive, allowing analysts to move from question to action without tab switching or hand-offs.
The MCP App for Security provides core tasks for analysts, including:
The Elastic Observability MCP App enables teams to explore distributed traces, inspect service dependencies, and diagnose system health through interactive views rendered directly in the conversation, helping engineers move from detection to root cause analysis without switching tools.
The MCP App for Observability provides, end-to-end Kubernetes & APM incident investigation, including:
Elastic also provides MCP Apps for search and data exploration. The Search MCP App enables users to explore data and build dashboards through natural language, with results rendered as interactive visualizations that can be edited and exported.
The MCP App for Search, includes:
Elastic MCP Apps for Security, Observability, and Search are available now in public preview, with support across platforms including Claude, Claude Desktop, VS Code, GitHub Copilot, Goose, Postman, and MCPJam.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。