Creates "AI for security" section

docs/AI-for-security/ai-for-security.asciidoc

@@ -0,0 +1,24 @@
+[[ai-for-security]]
+= AI for security
+
+:frontmatter-description: Learn to use AI capabilities in {elastic-sec}.
+:frontmatter-tags-products: [security]
+:frontmatter-tags-content-type: [overview]
+:frontmatter-tags-user-goals: [get-started]
+
+You can use {elastic-sec}'s built-in AI tools to speed up your work and augment your team's capabilities. The pages in this section describe <<security-assistant, AI Assistant>>, which answers questions and enhances your workflows throughout {elastic-sec}, and <<attack-discovery, Attack discovery>>, which speeds up the triage process by finding patterns and identifying attacks spanning multiple alerts.
+
+include::security-assistant.asciidoc[leveloffset=+1]
+include::attack-discovery.asciidoc[leveloffset=+1]
+
+include::ai-use-cases.asciidoc[leveloffset=+1]
+include::ai-alert-triage.asciidoc[leveloffset=+2]
+include::use-attack-discovery-ai-assistant-incident-reporting.asciidoc[leveloffset=+2]
+include::ai-esql-queries.asciidoc[leveloffset=+2]
+
+include::llm-connector-guides.asciidoc[leveloffset=+1]
+include::azure-openai-setup.asciidoc[leveloffset=+2]
+include::connect-to-openai.asciidoc[leveloffset=+2]
+include::connect-to-bedrock.asciidoc[leveloffset=+2]
+
+include::llm-performance-matrix.asciidoc[leveloffset=+1]

docs/AI-for-security/ai-use-cases.asciidoc

@@ -0,0 +1,10 @@
+[[assistant-use-cases]]
+= AI Assistant use cases
+
+The guides in this section describe use-cases for AI Assistant and Attack discovery. Refer to them for examples of each tool's individual capabilities, and of what they can do together.
+
+* <<attack-discovery-ai-assistant-incident-reporting>>
+* <<assistant-triage>>
+* <<esql-queries-assistant>>
+
+For general information, refer to <<security-assistant, AI Assistant>> or <<attack-discovery, Attack discovery>>.

docs/assistant/security-assistant.asciidoc → docs/AI-for-security/security-assistant.asciidoc

@@ -189,14 +189,3 @@ In addition to practical advice, AI Assistant can offer conceptual advice, tips,
 * “I need to monitor for unusual file creation patterns that could indicate ransomware activity. How would I construct this query using EQL?”
 
 
-include::assistant-use-cases.asciidoc[leveloffset=+1]
-include::ai-alert-triage.asciidoc[leveloffset=+2]
-include::use-attack-discovery-ai-assistant-incident-reporting.asciidoc[leveloffset=+2]
-include::ai-esql-queries.asciidoc[leveloffset=+2]
-
-include::llm-connector-guides.asciidoc[leveloffset=+1]
-include::azure-openai-setup.asciidoc[leveloffset=+2]
-include::connect-to-openai.asciidoc[leveloffset=+2]
-include::connect-to-bedrock.asciidoc[leveloffset=+2]
-
-include::llm-performance-matrix.asciidoc[leveloffset=+1]

docs/index.asciidoc

@@ -18,9 +18,7 @@ include::getting-started/index.asciidoc[]
 
 include::getting-started/security-ui.asciidoc[]
 
-include::assistant/security-assistant.asciidoc[]
-
-include::attack-discovery/attack-discovery.asciidoc[]
+include::AI-for-security/ai-for-security.asciidoc[]
 
 include::dashboards/dashboards-overview.asciidoc[]