Elastic detection-rule-management
Creates and manages Elastic Security detection rules for threat detection.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Elastic detection-rule-management, derived from its capabilities.
AIVSS 9.1 · Critical
Overview
An Elastic Agent Skill for authoring and managing detection rules in Elastic Security: creating, tuning, and enabling rules. It encodes the detection rule schema and the Detection Engine management API, and it writes the rules that govern security alerting in the user's deployment. The same access that creates and enables rules can also loosen or disable them and silence detections, so the API key the skill uses should be scoped to the detection-rule privileges it needs, and rule changes it makes should be reviewed and audited like any other change to alerting.
Key features
- Detection rule authoring
- Rule tuning and enabling/disabling
- Elastic Security rule API
Use cases
- Create a new detection rule
- Tune noisy security rules
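The following is an added example, not code from this page or from the skill it describes, showing the two use cases above end to end: building a `query` rule body that matches the Detection Engine rule schema, validating it locally before it is sent, narrowing its query to tune out a known-benign source instead of switching the rule off, and assembling the `POST`/`PATCH` requests against `/api/detection_engine/rules` with the `kbn-xsrf` header that Kibana requires on writes. The Kibana URL, the API key, the rule id and the sample KQL are placeholders chosen for the example; the request is built but never sent, so it runs offline.

```python
"""Build, validate and tune Elastic Security detection rules offline.

Added example (not the skill's own code). Targets the Kibana Detection Engine
REST API as Elastic documents it:
  POST  /api/detection_engine/rules   create a rule
  PATCH /api/detection_engine/rules   partial update (tune / enable / disable)
KIBANA_URL and API_KEY are placeholders, not real endpoints or credentials.
"""
import json
import urllib.request

KIBANA_URL = "https://kibana.example.internal:5601"   # assumed placeholder
API_KEY = "REPLACE_WITH_BASE64_API_KEY"               # assumed placeholder

SEVERITIES = ("low", "medium", "high", "critical")
REQUIRED = ("rule_id", "name", "description", "type", "severity", "risk_score")


def validate_rule(rule):
    """Local schema checks so a bad rule fails here, not in Kibana."""
    for field in REQUIRED:
        if rule.get(field) in ("", None):
            raise ValueError(f"missing required field: {field}")
    if rule["severity"] not in SEVERITIES:
        raise ValueError(f"severity must be one of {SEVERITIES}")
    if not 0 <= rule["risk_score"] <= 100:
        raise ValueError("risk_score must be 0..100")
    if rule["type"] == "query" and not rule.get("query", "").strip():
        raise ValueError("query rules need a non-empty query")
    return True


def build_query_rule(rule_id, name, description, query, index,
                     severity, risk_score, tags=(), enabled=True):
    """Return a minimal 'query' rule body for POST /api/detection_engine/rules."""
    rule = {
        "rule_id": rule_id,        # stable, human-chosen id; Kibana assigns 'id'
        "name": name,
        "description": description,
        "type": "query",
        "language": "kuery",
        "query": query,
        "index": list(index),
        "severity": severity,
        "risk_score": risk_score,
        "interval": "5m",
        "from": "now-6m",          # look back past the interval so no window is missed
        "tags": list(tags),
        "enabled": enabled,
    }
    validate_rule(rule)
    return rule


def tune_rule(rule, exclude_kql):
    """PATCH body that narrows the query with an exclusion.

    Tuning tightens the query rather than disabling the rule, so coverage is
    kept while the known-benign source stops firing.
    """
    return {"rule_id": rule["rule_id"],
            "query": f"({rule['query']}) and not ({exclude_kql})"}


def set_enabled(rule_id, enabled):
    """PATCH body that flips a rule on or off; disabling silences its alerts."""
    return {"rule_id": rule_id, "enabled": enabled}


def make_request(method, path, body):
    """Build (but do not send) the Kibana request; 'kbn-xsrf' is mandatory on writes."""
    return urllib.request.Request(
        KIBANA_URL + path,
        data=json.dumps(body).encode(),
        method=method,
        headers={
            "Content-Type": "application/json",
            "kbn-xsrf": "true",
            "Authorization": f"ApiKey {API_KEY}",
        },
    )


if __name__ == "__main__":
    # Constructed sample rule: PowerShell launched with an encoded command line.
    rule = build_query_rule(
        rule_id="example-encoded-powershell",
        name="Encoded PowerShell command line",
        description="PowerShell started with an -EncodedCommand argument.",
        query='process.name : "powershell.exe" and process.args : ("-enc" or "-EncodedCommand")',
        index=["logs-endpoint.events.process-*", "winlogbeat-*"],
        severity="medium",
        risk_score=47,
        tags=["Windows", "Execution"],
    )
    create = make_request("POST", "/api/detection_engine/rules", rule)
    print(create.get_method(), create.full_url)
    # Tune: suppress a known service account instead of disabling the rule.
    patch = tune_rule(rule, 'user.name : "svc-backup"')
    print(json.dumps(patch, indent=2))
```

To actually apply the change, pass the returned request to `urllib.request.urlopen` with a key whose role is limited to Security rule management; keep `set_enabled(..., False)` behind review, since it is the call that turns detections off.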