Demisto raises $20M to bring chatbots into the cybersecurity world

demisto

While most chatbot startups focus on automating common business tasks such as sharing files and answering customer questions, Demisto Inc. is working towards an entirely different goal: fighting hackers.

The two-year-old firm today said it has closed a $20 million funding round to fuel its efforts. At the same time, Demisto released a new version of its flagship incident management platform, which aims to help security personnel respond to suspected breaches in their organizations more effectively. The main highlight of the service is a conversational artificial intelligence called DBot that can run in Slack or a standalone window and provide assistance with addressing a potential threat.

At the cornerstone of the service is a set of connectors designed to collect data from companies’ existing security infrastructure. DBot evaluates the information in real-time, filters out duplicate entries and takes action if its algorithm comes across an anomaly that warrants special attention. Administrators can customize the agent’s behavior using “automation playbooks” that make it possible to define what action should be taken in response to specific incidents.

A company could configure DBot take care of certain low-priority anomalies by itself, while posting more severe issues in the security team’s Slack channel for manual review. Administrators can ask the bot to fetch additional details about an incident, inform colleagues of the issue and add custom notes to help bring them up to speed quickly.

Today’s update expands upon the capabilities of DBot with a new threat intelligence function that employs machine learning technology to look for signs of malicious activity. Indicator Repository, as the feature is called, allows security professionals to upload information about certain malware or attack tactics and have the agent look for potential matches in their organization’s network. It’s also possible to incorporate the data into playbooks to optimize existing incident response workflows.

Demisto’s new $20 million haul will enable it to expand the capabilities of DBot. The round, which was led by a low-key Florida-based fund called ClearSky, will also enable the startup to expand its sales and marketing efforts.

Image courtesy of Demisto