Elastic, the Search AI Company, has announced a strategic partnership with the Cybersecurity and Infrastructure Security Agency (CISA) to build a unified Security Information and Event Management as-a-Service (SIEMaaS) platform. Leveraging Elastic Security on Elastic Cloud, the new offering aims to significantly strengthen the cybersecurity posture of U.S. federal civilian agencies by standardizing how security data is collected, analyzed, and acted upon across the government.
As part of this initiative, Elastic is supporting CISA through a $26 million base-year contract awarded to ECS, a leading provider of advanced technology solutions in data, AI, cybersecurity, and enterprise transformation, and a brand under ASGN. Notably, the agreement includes renewal options for up to four additional years, bringing the total anticipated contract value to as much as $130 million.
AI Authority Trend: Elastic Integrates Amazon Bedrock AgentCore to Improve AI Agent Observability
Building on a long-standing collaboration between Elastic and CISA, Elastic and ECS will jointly design, host, and operate the SIEMaaS platform on FedRAMP-certified Elastic Cloud infrastructure. Through this approach, the program will unify cybersecurity monitoring across Federal Civilian Executive Branch Agencies (FCEBs). As a result, agencies will benefit from faster threat detection, improved scalability, and consistent operational workflows. At the same time, Elastic’s standards-based and open platform is expected to lower costs tied to security data access and long-term retention.
Importantly, a large FCEB agency has already onboarded as the first tenant on the SIEMaaS platform. This initial deployment will function as the operational blueprint for expanding the service across additional federal agencies. By doing so, CISA aims to accelerate time-to-protection while establishing a repeatable and cost-efficient shared cybersecurity model.
Meanwhile, federal agencies continue to face increasingly sophisticated cyber threats, including supply chain compromises, identity-driven attacks, and zero-day vulnerabilities. Although Executive Orders 14028 and M-21-31 have advanced Zero Trust adoption and strengthened logging standards, achieving unified, government-wide cyber visibility remains a challenge.
AI Authority Trend: Elastic Simplifies OpenTelemetry SDK Management
The new SIEMaaS initiative directly tackles these challenges by delivering a centralized, cloud-hosted platform capable of large-scale data ingestion, advanced threat analytics, and rapid incident response. Powered by the Elasticsearch Platform, the solution supports both structured and unstructured data, enabling agencies to break down long-standing data silos. Consequently, CISA analysts and FCEB agencies can collaborate more effectively using a shared and accessible cyber defense environment.
“Federal agencies remain a top target for cyber adversaries, and the current pace and complexity of attacks demand a new operational model,” said Ash Kulkarni, CEO of Elastic. “By consolidating cybersecurity telemetry into a shared, cloud-based SIEM service built on Elastic’s platform, CISA is setting a new standard for speed, scale, and collective defense across civilian agencies.”
Under the program, the CISA Continuous Diagnostics and Mitigation Program Management Office will oversee hosting and operations for the SIEMaaS environment. This includes managing infrastructure, data pipelines, enrichment workflows, and threat detection engines on FedRAMP-certified Elastic Cloud. The contract spans a base year with four option years and runs through 2030, reinforcing the federal government’s commitment to modern, unified cyber defense.
AI Authority Trend: Elastic Brings LLM Observability to Azure AI Foundry to Optimize AI Agents
To share your insights, please write to us at info@intentamplify.com
