Stateless Elasticsearch + AI-Enhanced Threat Detection with Elastic SIEM
Details
Join the Elastic Phoenix User Group on Thursday, November 13th for an exciting evening of technical presentations. Rajvi Patel (Software Engineer) will take us “From Data to Defense” with an AI-powered deep dive into threat detection using Elastic SIEM, and Andreas Christoforides (Consulting Architect) will show how to “do MORE with stateLESS Elasticsearch” to build faster, more scalable systems.
After the talks, stick around to chat with fellow Elastic users over pizza and refreshments.
📅 Date: Thursday, November 13th
🕠 Time: 5:30 - 7:30 PM
📍 Location: CO+HOOTS – 221 E Indianola Ave, Phoenix, AZ 85012 (Classroom)
🎤 Featured Speakers:
- Rajvi Patel (Software Engineer) - From Data to Defense: AI-Enhanced Threat Detection with Elastic SIEM
- Andreas Christoforides (Consulting Architect) - do MORE with stateLESS Elasticsearch
🚗 Parking: CO+HOOTS is located at 221 E. Indianola Ave. Phoenix 85012 (3rd St & Indianola). Feel free to park right under the building and walk the few steps to the middle set of stairs.
🔍 Check-in: A CO+HOOTS community assistant will be at the front desk to direct you.
📝 Agenda:
- 🕠 5:30 PM – Doors open & attendee check-in
- 🎤 5:50 PM – From Data to Defense: AI-Enhanced Threat Detection with Elastic SIEM - Rajvi Patel, Software Engineer
- 🎤 6:30 PM – do MORE with stateLESS Elasticsearch - Andreas Christoforides, Principal Consulting Architect, Elastic
- 🍻 7:00 - 7:30 PM – Networking & refreshments
- 🚪 7:30 PM – Event ends
💭 Talk Abstracts:
From Data to Defense: AI-Enhanced Threat Detection with Elastic SIEM
Rajvi Patel - Software Engineer
This session demonstrates how Elastic SIEM and OpenAI together enable faster, smarter threat detection and response.
We’ll cover the full lifecycle — ingesting security data, building detection rules, and automating alerts — and explore how Elastic’s OpenAI connector uses generative AI to explain alerts, summarize incidents, and assist with investigation workflows. Attendees will gain practical insights into operationalizing AI within the SOC to build scalable, real-time defense systems.
do MORE with stateLESS Elasticsearch - Andreas Christoforides, Principal Consulting Architect, Elastic
How would you build Elasticsearch if it were started in 2024? Decouple compute and storage, outsource persistence to a blob store like S3, dynamically scale up and down, have the right defaults, and a clear path for developers. This is what we have done!
In this talk, learn how we have redesigned Elasticsearch to do more with a stateless architecture that can run hot queries on cold storage. And see how you can get started with it today.