What’s new in Elastic Security 8.18 and 9.0

Elastic Security 8.18 and 9.0 introduce several updates to enhance the efficiency and speed of security operations teams in responding to threats. The release includes migration support for Splunk SIEM users, a new ES|QL Lookup Join feature for data enrichment and analysis, and usability improvements. Attack Discovery and Automatic Import are now generally available, along with enhancements to Elastic AI Assistant and support for custom detection rules. The update also brings automated response integrations for Microsoft Defender and CrowdStrike, as well as host traffic anomaly detection using machine learning. Automatic Migration expedites the transfer of legacy SIEM content into Elastic Security, validating translated rules to ensure they function as intended. Elastic AI Assistant guides practitioners toward next best actions and provides explainable AI responses. A new AI-driven troubleshooting workflow helps avoid software conflicts when deploying endpoint protections. The release also expands agentless support to 15 widely used integrations, making it easier to bring valuable security and IT data into Elastic without installing agents or managing ingest infrastructure.