Demisto’s incident management bot can now learn from human security pros
Many modern security tools employ machine learning to identify patterns in hacker behavior and deploy appropriate countermeasures. Today, Demisto Inc. is taking it a step further with a new release of its incident management platform that also mixes in lessons from human network protection professionals.
The capability, which the startup touts as an industry first, expands upon what is already a fairly distinct feature set. Demisto Enterprise comes with a built-in chatbot that can automate many of the tasks involved in protecting a company’s network. The assistant aggregates data from different security systems, filters duplicate entries and displays suspicious events in the chat window for review.
The newly introduced learning capability kicks in when security personnel respond to a threat. According to Demisto, its platform observes how a company’s staffers deal with a breach and identifies what methods are most effective. The chatbot then makes the information available in the form of suggestions for future investigations.
It’s the same basic concept that analytics providers such as Tableau Software Inc. and Trifacta Inc. have implemented in their tools to help speed up data science projects. Demisto says that the security suggestions can reduce the time it takes to clean up breaches while filling in knowledge gaps for junior members of the network protection team. For good measure, the bot identifies who is most qualified to handle a given threat by assessing staffers’ track records in tackling similar issues.
More mundane incidents can in turn be handled automatically thanks to Demisto’s support for so-called playbooks. According to the startup, its platform enables users to create workflows for responding to different threats, and those workflows are launched immediately when suspicious activity is detected. The idea is to make it harder for hackers to escalate attacks and at the same time reduce the load on security personnel, thus freeing them up to focus on more pressing issues.
These new features may help Demisto stand out from the numerous other startups that sell software for finding and responding to security breaches. Among them is Sqrrl Data Inc., which raised $12.3 million earlier this month to step up its competitive efforts.