elastic · nastasha-solomon · Jun 5, 2024 · May 2, 2024 · May 2, 2024 · May 9, 2024
@@ -3,6 +3,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.14.0, {elastic-sec} version 8.14.0>>
 * <<release-notes-8.13.4, {elastic-sec} version 8.13.4>>
 * <<release-notes-8.13.3, {elastic-sec} version 8.13.3>>
 * <<release-notes-8.13.2, {elastic-sec} version 8.13.2>>
@@ -56,6 +57,7 @@ This section summarizes the changes in each release.
 * <<release-notes-8.0.0, {elastic-sec} version 8.0.0>>
 * <<release-notes-8.0.0-rc2, {elastic-sec} version 8.0.0-rc2>>
 
+include::release-notes/8.14.asciidoc[]
 include::release-notes/8.13.asciidoc[]
 include::release-notes/8.12.asciidoc[]
 include::release-notes/8.11.asciidoc[]

@@ -0,0 +1,62 @@
+[[release-notes-header-8.14.0]]
+== 8.14
+
+[discrete]
+[[release-notes-8.14.0]]
+=== 8.14.0
+
+[discrete]
+[[features-8.14.0]]
+==== New features
+* Introduces Attack discovery, a new feature that uses AI to identify potential attacks and help you quickly triage multiple alerts ({kibana-pull}181818[#181818]).
+* Creates the **Asset criticality** page within the **Manage** menu, which lets you bulk assign asset criticality levels to your assets ({kibana-pull}179891[#179891]).
+* Adds alert suppression for New Terms rules ({kibana-pull}178294[#178294]).
+* Adds alert suppression for EQL rules with non-sequence queries ({kibana-pull}176422[#176422]).
+* Allows you to edit value lists from the UI, anywhere you use them ({kibana-pull}179339[#179339]).
+* Adds a **Setup guide** markdown field to custom rules ({kibana-pull}178131[#178131]).
+
+[discrete]
+[[enhancements-8.14.0]]
+==== Enhancements
+* Removes the "Technical preview" tag for {esql}; it is now generally available ({kibana-pull}180838[#180838]).
+* Allows you to add calculated values to an {esql} rule's highlighted fields ({kibana-pull}177746[#177746]).
+* Connects {esql} functionality in {elastic-sec} to the `general:enableESQL` advanced setting ({kibana-pull}181616[#181616]).
+* Removes the "Technical preview" tag for custom query rule alert suppression; it is now generally available ({kibana-pull}181279[#181279]).
+* Makes conversations with Elastic AI Assistant persist across sessions ({kibana-pull}173487[#173487]).
+* Adds conversation streaming for Elastic AI Assistant ({kibana-pull}180095[#180095]).
+* Adds support for Anthropic Claude 3 to the Amazon Bedrock connector, and makes it the default model ({kibana-pull}179304[#179304]).
+* Adds an **AI Assistant** settings section to the **Management** menu ({kibana-pull}176656[#176656]).
+* Updates the **AI Assistant** design from modal to flyout ({kibana-pull}176657[#176657]).
+* Adds the `_source` field to the alert details flyout's JSON view ({kibana-pull}180477[#180477]).
+* Improves the UI for row renderers in Timeline ({kibana-pull}180669[#180669]).
+* Allows data collected by Auditbeat to appear in Session View ({kibana-pull}179985[#179985]).
+* Improves the visual appearance of the asset criticality alert column ({kibana-pull}180868[#180868]).
+* Adds an advanced setting that allows you to turn off alert enrichment from memory scanning for malicious behavior alerts ({kibana-pull}180636[#180636]).
+* Adds an advanced setting that lets you turn off a performance optimization that makes malware on-write and file event processing asynchronous ({kibana-pull}179179[#179179]).
+* Makes some of the flyout's state persist for alert and event details ({kibana-pull}178746[#178746], {kibana-pull}179511[#179511]).
+* Limits the alerts that can affect an entity's risk score to the 10,000 riskiest ({kibana-pull}178324[#178324]).
+* Adds a tooltip to the **Asset Criticality** section of the entity details flyout ({kibana-pull}176927[#176927]).
+* Updates MITRE ATT&CK framework to version 14.1 ({kibana-pull}174120[#174120]).
+* Allows you can choose whether {elastic-defend} scans files when they're modified or executed ({kibana-pull}179176[#179176]).
+* Allows you to automatically register {elastic-defend} as the antivirus software for Windows endpoints when {elastic-defend}'s malware protection is set to prevent ({kibana-pull}180484[#180484]).
+
+[discrete]
+[[bug-fixes-8.14.0]]
+==== Bug fixes
+* Fixes a bug that prevented the **{esql}** Timeline tab from being turned off after you removed the `xpack.securitySolution.enableExperimental: ["timelineEsqlTabDisabled"]` feature flag from the {kib} user settings ({kibana-pull}182816[#182816]).
+* Fixes a bug that removed pinned events and comments in unsaved Timelines ({kibana-pull}178212[#178212]).
+* Fixes a bug in Timeline that prevented the **Show top _x_** action from showing accurate results ({kibana-pull}177213[#177213]).
+* Fixes a bug with the `is one of` Timeline filter that generated incorrect Query Domain Specific Language (DSL) queries ({kibana-pull}180455[#180455]).
+* Ensures the `securitySolution:enableAssetCriticality` advanced setting is enabled before the asset criticality levels to your entities are updated ({kibana-pull}181780[#181780]).
+* Corrects the color theme for the entity risk score UI to ensure it works on dark mode ({kibana-pull}181431[#181431]).
+* Improves the Entity Analytics dashboard load time ({kibana-pull}179510[#179510]).
+* Fixes a bug that didn't allow you to save Timelines if your {kib} account name was an email address ({kibana-pull}181709[#181709]).
+* Moves the `observer.serial_number` field to the Highlighted Fields section for alerts generated by SentinelOne and removes the {agent} status field ({kibana-pull}181038[#181038]).
+* Fixes an issue that caused {kib} Task Manager to become overloaded when rules were bulk enabled ({kibana-pull}180796[#180796]).
+* Ensures {ml} rules can be previewed while creating a new rule ({kibana-pull}180792[#180792]).
+* Fixes a UI bug on the rule details page for EQL and {esql} rules that caused the **Custom query** label to incorrectly display in the rule type field ({kibana-pull}178821[#178821]).
+* Deactivates the **Create new list** option if you attempt to import another exception list for the Endpoint Security rule ({kibana-pull}178674[#178674]).
+* Fixes a bug that stopped indicator filters from working correctly on the Intelligence page ({kibana-pull}179607[#179607]).
+* Fixes the loading page layout on the Intelligence page. Also improves the Indicators table loading speed after you set up a threat intelligence integration ({kibana-pull}178701[#178701]).
+* Fixes a bug that caused the wrong {security-app} page name to display in your browser tab ({kibana-pull}181056[#181056]).
+