Generative AI Takes on SIEM

With more vendors adding support for generative AI to their platforms and products, life for security analysts seems to be getting deceptively easier. While adding generative AI capabilities to security information and event management is still in its early stages, several providers are taking steps to let security analysts interact with their platforms using natural language processing.

Generative AI For IBM QRadar SIEM

Take IBM, for one: Big Blue recently announced plans to upgrade its QRadar SIEM platform to a cloud-native architecture and to bring its watsonx technology to the new platform. The new QRadar SIEM is set for release in the coming weeks as a software-as-a-service offering, with the watsonx models and an on-premises version based on Red Hat OpenShift poised to roll out in 2024. The plan is to add generative AI to the revamped platform next year.

The modernized QRadar SIEM offering will become part of the QRadar Suite, originally launched in April 2023, which brings IBM's endpoint detection and response (EDR); extended detection and response (XDR); security orchestration, automation, and response (SOAR); and SIEM offerings, plus a new log management tool, onto a common platform designed to give SOC analysts a unified interface and controls.

Analysts say QRadar SIEM was overdue for a significant upgrade, as rivals such as Splunk, Palo Alto Networks, Microsoft, CrowdStrike, and Elastic have emerged with cloud-native alternatives. In recent months, leading security providers have released technical previews of managed detection and response platforms with SIEM that can tap generative AI.

"They had essentially taken their legacy platform as far as they could have in terms of capabilities and performance, and the need to modernize the platform and migrate to cloud-native, which is becoming table stakes in the next-generation SIEM segment, was an imperative," says Eric Parizo, Omdia managing principal analyst. "Fortunately, it coincided with IBM's companywide shift to the Red Hat OpenShift platform."

Moving QRadar to OpenShift and emphasizing standards-based integration could make its security offerings more appealing beyond the core IBM base, Parizo says. "However, it must overcome having a relatively unproven endpoint security solution, a years-long effort to convert its on-prem SIEM/SOAR customers to the new cloud-native SIEM, and growing competition, particularly from Microsoft, which topped $20 billion in annual security revenue earlier this year and has stated its commitment to own the SecOps market," he says.

IBM's forthcoming generative AI capabilities aim to make security operations teams more efficient by automating repetitive and tedious tasks, allowing them to focus on more critical issues. Among them are generating reports on common incidents, threat hunting by generating searches based on natural language explanations of attack patterns, interpreting machine-generated data with nontechnical explanations of events, and curating threat intelligence and determining what is most relevant.

Charlotte AI Coming to Falcon Raptor

CrowdStrike is another company shaking up SIEM with generative AI: Charlotte AI will be part of a new release of Raptor, a rearchitected release of CrowdStrike's Falcon XDR platform. Raptor adds generative AI-powered incident investigation capabilities and XDR features.

At its recent Fal.Con 2023 conference in Las Vegas, CrowdStrike demonstrated the new Falcon Raptor XDR platform with Charlotte AI, which correlates threat telemetry and functions and has a bot-like interface that functions as an automated security analyst. It lets users, ranging from executives with little technical experience to advanced security professionals, ask questions and receive natural language responses.

Kurtz said CrowdStrike's threat graph identifies combinations of events that would lead to a threat indicator. As Falcon Raptor shifts the XDR functions to the cloud, Kurtz promised it will not lose context of activity on the endpoint, thanks to CrowdStrike's new threat and asset graphs, which provide detailed views of an organization's assets and state.

While customers at the CrowdStrike conference said they were intrigued by the Charlotte AI demo, many said they aren't going to rush into it. Prabhath Karanth, VP and global head of security and trust at travel expense management SaaS provider Navan, also plans to evaluate Charlotte for his SOC and IR analysts.

Microsoft Security Copilot Released to Early Access Customers

Notably, Microsoft last month released a preview of Security Copilot for early-access customers. Microsoft says a more restricted preview launched in March 2023 has reduced the time spent on everyday security operations tasks by as much as 40% when security analysts enter complex queries with natural language text.

"Security Copilot can effectively up-skill a security team, regardless of its expertise, save them time, enable them to find what previously they might have missed, and free them to focus on the most impactful projects," noted Microsoft corporate VP for security, compliance, security and management in last month's announcement.

Microsoft's updated preview release is now embedded with Microsoft 365 Defender XDR. Also included with Security Copilot is Microsoft Defender Threat Intelligence, which provides direct access to Microsoft's cleansed threat intelligence telemetry.

"There's a lot of interest in Security Copilot, but it assumes you are a Microsoft customer," says Jon Oltsik, Enterprise Strategy Group principal analyst and fellow. "If you have an E5 license and you're using Microsoft tooling, infrastructure, and security, it's a great fit. It will really help. If you have a heterogeneous environment, it won't be nearly as effective. At least not now. They say they'll support those things over time. Maybe they will. But for now, it's really Microsoft-centric."

Time for AI to Shine

IBM Security VP of product management Chris Meenan says IBM has been leading the way with AI for years, noting that QRadar SIEM used traditional machine learning to provide alert prioritization and adaptive detection. "We've been embedding AI in our products, including the existing QRadar, and we leverage it a lot in our own MSS SOCs around the globe," Meenan says.

Oltsik recalls IBM's first attempt to bring generative AI capabilities to Watson in 2017 with the release of Watson Cognitive.

This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 20:25:02 +0000

