IT Brief Asia - Technology news for CIOs & IT decision-makers

ExtraHop launches suite of AI tools on RevealX platform

Wed, 8th May 2024

ExtraHop, the provider of cloud-native network detection and response (NDR), has announced a powerful suite of AI tools designed to strengthen its award-winning RevealX platform, including updated features to speed up threat detection and response. The new tools have been created specifically to automate Security Operations Centre (SOC) workflows and alleviate the fatigue commonly experienced by analysts.

As the threat landscape rapidly expands and alerts continue to multiply, SOC analysts find themselves increasingly overworked and under-resourced. To address these issues, many are turning to AI. According to the 2024 Global Cyber Confidence Index, 38% of security decision-makers have identified utilising AI and machine learning to manage and mitigate cyber risk as their top priority for the year.

One of the new AI capabilities, the AI Search Assistant, serves as a threat-hunting companion for SOC analysts. This generative AI-powered search interface allows teams to use natural language to search for indicators of potential attacks, thus accelerating threat detection. Chris Kissel, Research Vice President of Security and Trust at IDC, stated that "ExtraHop's generative AI search assistant offers immediate value through simple, conversational searches that help swiftly pinpoint potential threats."

Users can utilise the AI Search Assistant to ask queries such as, "Which workstations are not running an endpoint agent?" and "Which devices have attributes associated with a known security threat?" What's more, the search assistant even suggests potentially pertinent queries based on the analyst's environment and perceived risks.

Another update, the Smart Investigations feature, reduces the time to respond by automatically correlating detections that map to high-risk attack patterns and creating investigations from them. This feature uses ExtraHop's industry-leading machine learning architecture, which, informed by real-time network insights, prioritises the most crucial threats, thus speeding up investigation and response.

Kanaiya Vasani, Chief Product Officer at ExtraHop, explained that "by enabling AI to automate more mundane and time-consuming functions like threat hunting, alert correlation, and triage, SOC analysts can focus on addressing critical threats and more effectively manage their cyber risk."

With the rollout of these AI tools, ExtraHop continues to offer innovative solutions, leveraging proprietary AI and machine learning capabilities to help organisations swiftly identify and counter security threats before it's too late.
