Bank of America Tech Conference: Elastic Reveals FedRAMP High Certification and Multimodal AI Embedding Push as Growth Catalysts
Fireside chat at Bank of America 2026 Global Technology Conference, June 4, 2026
Elastic's Chief Product Officer Ken Exner and Global VP of Finance Eric Prengel sat down with Bank of America analyst Koji Ikeda at the firm's annual technology conference, and the conversation delivered several concrete data points that investors had not previously heard in granular detail — most notably a freshly minted FedRAMP High certification and a proprietary embedding model strategy that management believes meaningfully undercuts the competition on cost.
FedRAMP High: The Upgrade That Moved the Needle in Q4
The most operationally significant disclosure in the session was confirmation that Elastic has achieved FedRAMP High authorization, an upgrade from its prior FedRAMP Moderate status. Exner confirmed it went live last month. This matters because it directly explains one of the more puzzling dynamics in the just-reported fiscal fourth quarter: a 1-point revenue headwind caused by a mix shift toward cloud deployments.
Prengel explained that the CISA SIEM-as-a-Service contract — in which Elastic is providing security and SIEM capabilities to U.S. civilian agencies — drove far stronger-than-expected cloud uptake. "We won the CISA SIEM-as-a-Service deal, where we're providing security and SIEM to the U.S. public sector, the civilian agencies there through CISA. And we've actually seen a much better uptake of that than we'd even expected." Government customers who had historically consumed Elastic through self-managed deployments shifted to the cloud offering in Q4, triggering a timing difference in revenue recognition rather than any underlying demand weakness. The revenue will come; it simply arrives on a different schedule under cloud accounting.
With FedRAMP High now in hand, Elastic can address the most sensitive U.S. government workloads through its cloud platform, and Exner noted the company is currently pursuing IL5 authorization as the next step. For a company with a growing public sector footprint, this certification ladder is not a checkbox exercise — it is a prerequisite for expanding the addressable contract base.
The Booking Surge That Management Wants Investors to Notice
Prengel was emphatic that the Q4 print reflected genuine business momentum rather than financial engineering. Current RPO grew 20% and total RPO grew 28%, with cRPO accelerating 5 points on a constant-currency basis versus the prior quarter. "This is truly the business performing," Prengel said, pushing back on any suggestion of inflated metrics through heavier discounting. He described it as "a record quarter over the last couple of years in terms of the growth and commitments."
For fiscal year 2027, Elastic initiated full-year guidance at 14.5% growth, which Prengel noted represents acceleration from the Q1 guide. The comfort level behind that guidance rests on the cRPO base already in hand, combined with a field capacity build that has been underway for twelve months. Two years ago, in Q1 fiscal 2025, Elastic suffered widely-discussed go-to-market execution problems. Since then, under sales leader Mark Dodds, the company has rebuilt field productivity and has been adding account executives at an increasing pace. Prengel was explicit: there are no planned changes to account allocation, geographic structure, or sales compensation for fiscal 2027. The playbook is working; management is simply scaling it.
Metrics and Infrastructure Monitoring: The Observability Offensive
Perhaps the most strategically underappreciated element of the conversation was Elastic's deliberate push into infrastructure metrics — the fastest-growing segment of the observability market and one where the company had historically underinvested. Prengel acknowledged the gap plainly: "Metrics and infrastructure monitoring has probably been the fastest-growing part of that market." The company formally relaunched its metrics product at its Sales Kickoff event during fiscal 2027.
Exner cited specific performance benchmarks as the basis for competitive confidence: Elastic's metrics store is now 2.5 times faster than Prometheus-based systems and more than 2 times more efficient than ClickHouse. Critically, the product now natively supports Prometheus data and PROMQL queries, meaning customers running Grafana dashboards can swap Elastic in as the back-end without changing their tooling. "You just swap out the back end and suddenly it's cheaper and faster. You don't have to change your dashboard. It's just immediately cheaper, immediately faster." For organizations running Prometheus at scale, that is a straightforward cost reduction with minimal migration friction — a compelling sales motion.
Logs remains the dominant portion of Elastic's observability revenue, but the metrics expansion is presented as an additive growth layer rather than a cannibalization risk. The field force is described as "super excited" about the refreshed capability, and given that observability and security tend to carry separate buyers, the metrics opportunity is largely incremental.
The Agentic SOC: From Demo to Tears in the Room
On the security side, Exner offered the most vivid and investor-relevant description of where AI-driven automation is in the adoption cycle. Elastic introduced Attack Discovery — an agentic workflow that automatically triages incoming security alerts, filters false positives, correlates genuine threats, and maps them to the MITRE ATT&CK framework — approximately eighteen months ago at RSA. The product was described as the first use of agentic AI in the security operations center context.
"When we introduced Attack Discovery, it kind of blew people's minds because what we were doing is we were processing all the alerts that come in and automatically figuring out which ones were false positives, which ones were real, which ones were correlated. We're able to map this to the MITRE ATT&CK chain and basically show customers the entire attack path." Exner recounted security analysts becoming emotional during demonstrations — not from fear of job displacement, but from relief. "They're like, you've taken all the drudgery away from my work and gotten me to a point where I can actually fight the issues." The same dynamic applies on the SRE side, where on-call engineers are being handed root-cause analysis and remediation suggestions rather than a blank screen at 2 a.m.
The commercial implication is that Elastic is moving beyond platform licensing into usage-based monetization of agentic workflows — token consumption, workflow executions, and conversation turns — creating a new metered revenue layer on top of the existing subscription base.
Embedding Models: The Efficiency Angle Nobody Is Watching
Exner used the conference to articulate Elastic's embedding model strategy in unusual detail, and it deserves more investor attention than it has received. Elastic recently launched what it calls its "omni series" in partnership with Jina AI — multimodal embedding models capable of vectorizing audio, video, images, and text within a single framework, using vision model techniques. The multimodal capability addresses the growing enterprise need to process rich documents — PDFs containing tables, images, and text — as unified objects rather than parsing them into components.
But Exner saved his sharpest enthusiasm for the efficiency story. Elastic's new small and nano embedding models rank in the top ten globally by performance benchmarks while being, by Exner's estimate, fourteen to fifty times smaller than the other models in that performance tier. "If you're using this, people are picking these because they're still highly performing in the top 10, but they're like a fraction of the cost to run." For enterprises deploying RAG pipelines or agentic retrieval systems at scale, embedding model inference cost is a real operational expense. A top-ten model at a fraction of the compute footprint is a differentiated offer that aligns directly with enterprise procurement logic.
The AWS Fork: A Real but Contained Competitive Threat
Exner addressed the OpenSearch fork — Amazon's divergent version of Elasticsearch — with unusual candor. The threat is real but bounded. "It does come up if you're an AWS customer." Amazon's pitch is that OpenSearch is the same product, which Exner disputed, pointing to performance and efficiency benchmarks that favor Elastic. The practical defense is running head-to-head cost comparisons: "They run the benchmarks and they actually see that we actually are quite a bit cheaper in terms of the total cost because of the investments we continue to make in efficiency." The fork risk is essentially coextensive with AWS-native customers and does not appear to be gaining ground in multi-cloud or on-premises environments.
The Cross-Sell Motion: Search Customers as Security Leads
One tactical go-to-market insight that stood out: Elastic's most productive current cross-sell motion runs through its search customer base. Account teams are approaching existing search users and asking them to introduce their CISO. Exner noted that security analysts at those companies often already know Elastic from its open-source roots, which shortens the sales cycle considerably. "Their security analysts are already using us in an open source form, and we're able to turn them into a security customer in addition to search." With 100,000-plus customers on the platform and 600 already using AI capabilities — a figure Prengel described as a substantial sequential increase — the installed base represents a large and underpenetrated cross-sell surface.