Are you getting ready for the upcoming Black Hat USA 2024 event, an
internationally recognized cybersecurity event providing the most
technical and relevant information security research, now in its 27th
year? The
event is quickly approaching, taking place August 3-8, 2024, and returning
to the Mandalay Bay Convention Center in Las Vegas, NV with a 6-day
program.
Ahead of the show, VMblog received an exclusive interview with Haggai
Polak, Chief Product Officer, Securonix, a market leader in AI-Reinforced CyberOps. Make sure to add them to your MUST SEE list.
VMblog: Before we get into it, can you
give us a quick overview of the company? What should folks know?
Haggai
Polak: Securonix is a five-time leader in the
Gartner Magic Quadrant for SIEM and an industry leader in AI-Reinforced Threat
Detection, Investigation, and Response. The company is
pushing forward in its mission to secure its customers, staying ahead of cyber threats by reinforcing all layers
of its platform with AI capabilities. Securonix Unified Defense SIEM provides
organizations with the first and only AI-Reinforced solution built with a
cybersecurity mesh architecture on a highly scalable data cloud. The innovative cloud-delivered
solution ensures a frictionless CyberOps
experience and enables organizations to scale up their security operations while keeping up with evolving threats.
VMblog:
Black Hat is known for its energetic and interactive booths. What unique
experiences or demonstrations do you have planned to engage attendees at your
booth? What will you be showing off at the show this year?
Polak: Recognizing
the immense pressure security analysts face in today's complex threat
landscape, we are excited to reintroduce our popular punching bag activity at
our Black Hat booth. This engaging activity allows analysts to knock out their
stress while tackling AI-powered attacks. Additionally, our live leaderboard is
back, enabling participants to compete for the highest score! We invite
everyone to visit our booth and discover how Securonix EON delivers knockout
power against cyberattacks. After completing their punching session, visitors
are invited to hear about the latest analyst efficiency innovations delivered
by Securonix - Noise Canceling SIEM and Cyber Data Fabric.
VMblog: Black Hat attendees are
known for being security professionals at the forefront of the industry. What
specific challenges do you anticipate they'll be facing, and how will your
solutions help them overcome those challenges?
Polak: The
escalation of AI-powered attacks and adversaries is challenging organizations
that already face the hurdles of ever-expanding attack surfaces, new regulatory
and compliance pressures, and resource constraints. Securonix unveiled
Securonix EON, a groundbreaking suite of AI-Reinforced capabilities, to respond
to these challenges by using Amazon Bedrock to provide a powerful, unified
analyst experience with advanced AI capabilities.
VMblog: What are some of the key
takeaways of your solution that Black Hat attendees should be aware of?
Polak: The
Securonix Unified Defense SIEM platform recently underwent a major update in
the form of Securonix EON to reinforce all layers of its industry leading SIEM
with AI. Securonix EON was designed specifically for customers to leverage AI
to protect themselves against a threat landscape that features an increasing
number of AI-powered attacks. Securonix plans to continue to roll out new
features for the Unified Defense SIEM platform over the course of 2024.
During
RSAC we announced the following AI-Reinforced capabilities:
- Insider Threat
Psycholinguistics, which utilizes the science of deciphering psychology from
language powered by Amazon Bedrock and provides entity and activity-based risk
scoring to uplevel insider threat hunting capabilities.
- Adaptive Threat Modeling,
which leverages machine learning to develop adaptive
threat models and dynamic threat chaining of violations with anomaly detection,
enabling analysts and CyberOps teams to identify never-before-seen attack
chains in near real-time.
- InvestigateRX, which converts
retrieved targeted and objective content into a coherent and context-aware
summary to empower analysts to make swift decisions and save approximately 15
minutes per incident.
VMblog: Is your company launching
anything new at the show? Without giving too much away, can you give us a
sneak peek?
Polak: Yes,
we are announcing two new features within the groundbreaking Securonix EON
suite of AI-Reinforced capabilities, which the team is very excited about.
These include:
- Cyber Data Fabric, which gives
organizations complete control in orchestrating their data for ingestion,
analysis and storage to meet their security and compliance needs.
- Noise Canceling SIEM, which dramatically reduces
alert fatigue by intelligently suppressing up to 50% of total alert volume,
allowing security analysts to focus on critical threats.
VMblog: The market is a crowded
space. What is it about your company and technology that sets you apart
from the competition? What are your differentiators?
Polak: Recently named a leader for the fifth
consecutive time in the Gartner Magic Quadrant for Security Information and
Event Management (SIEM), Securonix has an unparalleled history of innovation
and develops and deploys solutions that empower CyberOps teams to detect and
respond to threats with 10 times the speed, precision, and efficacy. The
company pioneered User Entity Behavior Analytics (UEBA) with an
analytics-centric approach to security monitoring and was the first to market
with a cloud-native next-gen SIEM.
Securonix again disrupted the
global SIEM market in 2023 when it officially announced the launch of the
industry's first Unified Defense SIEM. The Securonix Unified Defense SIEM
platform offers category-leading features that protect against insider threats
and other emerging security challenges. Unified Defense SIEM is the only
solution that provides enterprise organizations with 365 days of 'Hot' data,
category-leading integration of generative AI technology, and a seamless TDIR experience, all in a single platform. Built on top of Snowflake's data lake,
the cloud-native platform accommodates massive volumes of security-relevant
data in a single, unified viewpoint.
Securonix
EON's newly introduced AI-Reinforced capabilities are powered by Amazon Bedrock
and Anthropic AI Claude to give partners and customers the most advanced
enterprise-grade generative AI technology that exists. It utilizes this cutting-edge technology
to make life easier for security teams, reducing
false positives, making detection more resilient, and reducing the need to
develop threat-specific content. The unique behavior analytics
capabilities provided by Securonix are perfectly aligned to insider threat use
cases, where approaches based on threat indicators or known threat behavior are
not effective.
Our customers have reported clear
improvements to their insider threat programs due to the adoption of insider
threat psycholinguistics - and Adaptive Threat Modeling has been identifying
new threats to customers without impact from false positives and with no need
to wait for the development or tuning of new detection content.
VMblog:
Looking ahead, what excites you most about the future of cybersecurity,
and how do you see your company playing a role in shaping it?
Polak: Groundbreaking innovations
and expanding applications of emerging technology are truly changing our world
- and we all have a front-row seat seeing what AI can do for our personal lives and
businesses. For over a decade, Securonix has been at the forefront of AI-driven
security. Our pioneering work in UEBA technology, AI-Reinforced SIEM and
continuous innovation underpins our solutions. As the industry's largest
independent SIEM provider, we are uniquely positioned to usher in the new era
of AI-Reinforced CyberOps.
The April 2024 launch of
Securonix EON plays a major role in helping organizations keep up with the AI
race against adversaries, as it provides customers
with a comprehensive strategy to combat cyber
threats and detect and defend against adversaries with greater speed,
precision, and efficacy than ever before. Threat actors are continuously
evolving, and it is our responsibility to help our customers stay ahead of the
escalating threat curve. We believe our AI-Reinforced platform is more than a
solution, but rather the cornerstone of a comprehensive strategy to stay one
step ahead of cybercriminals.