In this chapter, we have learned about the challenges that modern security teams face with legacy security solutions in keeping up with complex APT, and how Elastic ML allows analysts to have an iterative investigation approach by automating some of the forensic analysis and threat hunting steps.

In the next chapter, Chapter 6, Alerting on ML Analysis, we will put a particular focus on the alerting component that comes with commercial features and walk you through how to effectively make security insights actionable.