ExtraHop Unveils AI Tools to Enhance SOC Workflows and Alleviate Analyst Fatigue

ExtraHop, a leader in cloud-native network detection and response (NDR), has announced a new suite of AI tools within its RevealX™ platform designed to automate Security Operations Center (SOC) workflows and reduce analyst fatigue. This announcement comes amid a growing threat landscape and the increasing workload faced by SOC analysts.

The introduction of these AI tools is timely, as the 2024 Global Cyber Confidence Index indicates that 38% of security decision-makers prioritize using AI and machine learning to manage and mitigate cyber risk. ExtraHop’s new capabilities aim to address this need by enhancing the threat detection, investigation, and response (TDIR) lifecycle.

AI Search Assistant for Accelerated Threat Hunting

The new generative AI-powered search assistant from ExtraHop is set to become a crucial tool for SOC analysts, enabling them to conduct threat hunting through a natural language search interface. This assistant helps analysts quickly identify indicators of attack, providing insights such as which workstations are not running an endpoint agent or which devices have attributes associated with known security threats. The search assistant also suggests relevant queries based on the analyst’s environment and perceived risks.

“As SOC analysts find themselves more resource-strapped than ever before, the generative AI search assistant from ExtraHop offers immediate value via simple, conversational searches that help quickly locate potential threats. ExtraHop continues to build upon its proprietary AI and machine learning capabilities, driving an innovative approach to threat detection that helps organizations identify security issues before it’s too late.”

Chris Kissel, Research Vice President for Security and Trust at IDC

Smart Investigations for Faster Response Times

ExtraHop’s Smart Investigations leverages the company’s machine learning architecture to automatically generate investigations by correlating detections with high-risk attack patterns. This tool prioritizes the most critical threats using real-time network insights, thereby accelerating investigation and response times and helping organizations maintain operational continuity.

“AI is inherent to ExtraHop’s DNA, having been baked into our product since day one,” said Kanaiya Vasani, Chief Product Officer at ExtraHop.

“SOC analysts can now apply AI to automate the more mundane and time-consuming functions often bogging them down, like threat hunting, alert correlation, and triage. Recouping the time and resources often spent on these tasks, enterprises can focus on tackling critical threats to more effectively manage their cyber risk.”

Author

  • Hello! I’m Mark, the founder of techcoffeehouse.com. I love a good plate of Chicken Rice. So, if you have a story as good as the dish, HMU!

    Managing Editor
