From vulnerability report to CVE draft in minutes: how Elastic automated security advisories with AI (opens in new tab)

How Elastic's security team built an AI agent with RAG against MITRE's CWE and CAPEC catalogues to draft CVE advisories from raw vulnerability reports, including the full prompt and crawler configs.