UPDATED 09:00 EDT / JUNE 28 2017

Demisto’s incident management bot can now learn from human security pros

Many modern security tools employ machine learning to identify patterns in hacker behavior and deploy appropriate countermeasures. Today, Demisto Inc. is taking it a step further with a new release of its incident management platform that also mixes in lessons from human network protection professionals.

The capability, which the startup touts as an industry first, expands upon what is already a fairly distinct feature set. Demisto Enterprise comes with a built-in chatbot that can automate many of the tasks involved in protecting a company’s network. The assistant aggregates data from different security systems, filters duplicate entries and displays suspicious events in the chat window for review.

The newly introduced learning capability kicks in when security personnel respond to a threat. According to Demisto, its platform observes how a company’s staffers deal with a breach and identifies what methods are most effective. The chatbot then makes the information available in the form of suggestions for future investigations.

It’s the same basic concept that analytics providers such as Tableau Software Inc. and Trifacta Inc. have implemented in their tools to help speed up data science projects. Demisto says that the security suggestions can reduce the time it takes to clean up breaches while filling in knowledge gaps for junior members of the network protection team. For good measure, the bot identifies who is most qualified to handle a given threat by assessing staffers’ track records in tackling similar issues.

More mundane incidents can in turn be handled automatically thanks to Demisto’s support for so-called playbooks. According to the startup, its platform enables users to create workflows for responding to different threats that are launched immediately when suspicious activity is detected. The idea is to make it harder for hackers to escalate attacks and at the same time reduce the load on security personnel, thus freeing them up to focus on more pressing issues.

These new features may help Demisto stand out from the numerous other startups that sell software for finding and responding to security breaches. Among them is Sqrrl Data Inc., which raised $12.3 million earlier this month to step up its competitive efforts.
