Quick start: Elevate
Sekoia Elevate is an AI-powered add-on module that autonomously triages security alerts. For each alert it processes, Elevate analyzes the available context, executes a runbook, and produces a verdict with supporting evidence, reducing the volume of repetitive manual triage work for your analysts.
Documentation in progress
The Elevate module is currently being finalized. This quick start guide will be updated with full setup instructions when the module becomes generally available. Check the changelog for release announcements.
What Elevate does
Elevate acts as an autonomous analyst that works alongside your team. For each alert it handles, Elevate:
- Collects relevant context from the alert, the associated asset, and threat intelligence
- Executes a runbook that defines the investigation logic for that alert type
- Produces a verdict (true positive or false positive) with a written explanation
- Surfaces the result in the alert for human review
Analysts review Elevate's output and either accept the verdict or override it based on their judgment.
Prerequisites
- The Elevate module must be enabled for your community.
- You must have an active Sekoia Defend subscription.
What comes next
Full setup instructions, runbook configuration guidance, and analyst workflow documentation will be available here once Elevate is released.
In the meantime, you can:
- Read the Elevate overview article for an early look at the module's capabilities.
- Set up your workspace and ensure Defend is fully operational using the Defend quick start.
Related links
- Quick start: Defend — Prerequisite for Elevate: ensure Defend is set up and generating alerts.
- Support and resources — Contact support or check the Academy for early access materials.