Elastic (NYSE: ESTC) announced the launch of MCP Apps for Elastic, which integrate the company's security and observability workflows into third-party AI tools including Claude, VS Code, GitHub Copilot, and other platforms.

The apps are built on the Model Context Protocol (MCP) apps specification, an open standard developed by Anthropic and OpenAI. The technology allows AI assistants to display interactive user interfaces within existing AI environments rather than providing only text-based responses.

The MCP Apps include three main components. The Security app enables analysts to triage alerts, run ES|QL queries, investigate threats, and manage cases through interactive displays. The Observability app allows teams to explore distributed traces, inspect service dependencies, and diagnose system health. The Search app enables users to explore data and build dashboards using natural language queries.

"The MCP App for Elastic Security bridges the gap between automated detection and manual hunting," said Mandy Andress, CISO of Elastic. "By bringing our security data directly into a single interface within Claude Desktop, we surfaced 'silent' threats in under an hour, risks that didn't trigger standard alerts but required immediate action."

Ken Exner, chief product officer at Elastic, stated that the apps allow teams to "investigate threats and diagnose systems without switching tools."

The Security app features include alert triage with severity grouping and process trees, attack discovery with MITRE ATT&CK mapping, and threat hunting capabilities. The Observability app provides cluster and service health monitoring, anomaly detection with dependency mapping, and live monitoring features. The Search app offers dashboard creation from natural language and data exploration through ES|QL queries.

The MCP Apps for Security, Observability, and Search are available in public preview across multiple platforms including Claude Desktop, VS Code, GitHub Copilot, Goose, Postman, and MCPJam.