Elastic Security

Interactive security operations dashboards for alert triage, threat hunting, and case management.

Elastic's reference MCP app for Elastic Security brings six interactive React-based dashboards directly into AI conversations: alert triage with AI verdict cards, attack discovery with correlated chain analysis, case management for SOC investigations, detection rule browsing with KQL search, ES|QL threat hunting workbench, and sample data generation. The server demonstrates MCP Apps returning interactive HTML interfaces alongside text responses, enabling security analysts to perform investigations without leaving their AI assistant.