DeepTempo announced new capabilities for Tempo, its deep learning-powered cybersecurity
solution available as a Snowflake Native App on the Snowflake Marketplace. With enhanced
fine-tuning, MITRE mapping integration, and seamless compatibility with
existing SIEM systems, Tempo can map detected anomalies to their most likely
MITRE ATT&CK sequences, providing enhanced context and actionable insights.

"Tempo operates upstream from a
customer's existing SIEM, meaning that all enriched data and insights flow
seamlessly into current workflows," said Evan Powell, founder and CEO,
DeepTempo. "This ensures that security teams can continue leveraging their SIEM
while benefiting from the enhanced intelligence provided by DeepTempo. Through
the Snowflake Native App Framework and the capabilities of Snowflake Cortex AI,
we can deliver improved protection to our users in a quicker and more
cost-effective way."

Tempo's fine-tuning capabilities allow organizations to adapt models to their
specific environments with ease, ensuring greater accuracy and relevance in
detecting threats. Users pay for the enhanced protection and threat isolation
from their Snowflake account, and Tempo runs within their environment.

"The rapid progress of DeepTempo in
deploying advanced deep learning based solutions for cybersecurity is exactly
the sort of innovation we envisioned when we built the Snowflake Native App
Framework," said Prasanna Krishnan, head of collaboration and horizon,
Snowflake. "By bringing deep learning and other capabilities to the data within
their own Snowflake accounts, customers can limit costly data movement and
dramatically reduce time to value."

Security teams with pre-established response plans for specific cyber attack
methods can trigger their reactions with unprecedented speed and precision,
with Tempo's MITRE ATT&CK-flagged alerts streaming seamlessly into their
existing SIEM platforms. This and other context significantly reduce mean time
to respond (MTTR) and have been shown to save minutes or hours during active
threats.

Using only network and cloud flow
logs, the model can identify whether reconnaissance, lateral movement, data
exfiltration, or other common attacks are occurring. Tempo now automatically
tags all stored sequences with the closest MITRE ATT&CK techniques. Tempo
also embeds this and other information in compact representations called
embeddings, which are less than 1 percent of the size of the original logs,
enabling faster and more efficient analytics while reducing spending on log
storage and analysis.