What If Sherlock Holmes Was A Robot?


What if Sherlock Holmes was a robot?  This question is obviously designed to provoke thoughts on how the integration of automation and investigation could yield some interesting results.  Appropriately, it is being used as the tag line for SecBI’s current marketing campaign.  SecBI’s Autonomous Investigation technology provides automated detection and investigation that can drastically reduce your security teams’ response times for comprehensive remediation.

SecBI’s Susan Becker, Doron Davidson, Gilad Peleg, Aire (Fredy) Fred, and Yaron Mashav

Brilliance Security Magazine had the singular pleasure of speaking with some of SecBI’s top executives to learn more about their autonomous investigation technology.  We spoke with Gilad Peleg-CEO, Arie (Fredy) Fred-VP of Product, and Susan Becker-VP of Marketing.  We discussed the three core features that Managed Security Service Providers (MSSPs) must provide in order to adequately protect their customers.  Fredy maintains that “Security analysts spend too much time finding, searching, organizing, and analyzing information. They try to find insights from incomplete data across multiple siloed systems to adequately prioritize and investigate the thousands of alerts they receive each week. Making matters worse, there is an acute shortage of experienced security personnel. Faced with all this, finding and investigating the threats that actually matter is very challenging.”

It naturally follows that the three core features that MSSPs must provide their customers are speed, accuracy, and simplicity.

Peleg explained, “Using proprietary machine learning and Big Data analytics, SecBI converts a flood of alerts into prioritized lists of incidents that are simple to triage, investigate, and mitigate. Our solution creates a complete view of each cyber incident by combining diverse alerts, events, and logs into one narrative.  This results in the removal of unnecessary noise allowing the security analyst to concentrate on the valuable information needed for cyber investigations.  The organization benefits from automatic incident investigation which dramatically shortens the response time of cyber security teams, enhancing overall protection levels and saving costs.”  Fast, accurate, and simple.

By utilizing SecBI’s technology, MSSPs can offer advanced threat detection, breach response, gap analysis and fortify their threat hunting capabilities, all leading to increased revenue with an expanded portfolio of services.

The Process

 

 

“SecBI frees SOC teams from chasing sporadic alerts with tedious investigation quests to gather forensic evidence of malicious activities. Our full scope detection enables analysts to thoroughly evaluate incident information with accelerated response rates and negligible false positives and significantly reduces dwell time. The SecBI solution is easily and instantly deployed with no additional appliances or agents. Deployment can be on-premise or in the cloud. Your SOC is amplified immediately with zero change to the network infrastructure,” explained Susan.

So, what if Sherlock Holmes was a robot? We can deduce that if a robotic Sherlock was investigating cyber threats, he would be faster, more accurate, and simple.

Steven Bowcut, CPP, PSP is the Editor-in-Chief for Brilliance Security Magazine.