Cymulate announced the release of its powerful new AI-powered detection
engineering assistant for security information and event management (SIEM) rule
threat coverage validation. Now, the Cymulate Platform automates and
streamlines the detection engineering process for blue teams and SecOps,
allowing them to build, test and optimize threat detection with AI-assisted
live-data attack simulations and customized threat detection.
With this launch,
Cymulate eliminates the friction of manual detection validation by automating
the correlation and testing process, answering the two most important questions
in modern detection engineering: "Does my rule work?" and "What threats does it
actually cover?"
This enables SecOps and
blue teams to identify coverage gaps and tune rules in minutes, whereas
previously, mapping detection rules to relevant threats required hours of
manual effort, reviewing rule logic, identifying threat coverage and testing
scenarios one by one.
By automating the
correlation between detection rules and Cymulate attack scenarios leveraging
advanced AI analysis, organizations can now ensure their SIEM rules are
continuously validated against real-world threats and optimized with
precision.
"Detection engineering
doesn't have to be complicated, and Cymulate applies AI to help organizations
across the globe drastically simplify their process. What once required lengthy
back-and-forth between detection engineers and red teamers can now be done in
just minutes," said Avihai Ben-Yossef, co-founder and CTO of Cymulate. "As
today's threat actors look to exploit security gaps faster and with more
sophisticated methods, it's clear that security teams need a continuous focus
on threat detection. Cymulate is proud to set the standard for exposure
validation, and our new SIEM solution applies the latest AI-driven automation
technology to address some of the most complicated areas in detection
engineering."
The Cymulate platform
now features deeper integrations with SIEMs and AI-powered analysis to map
detection rules to its extensive library of more than 100,000 attack scenarios.
Cymulate validates SIEM detection rules through live-data attack simulations,
which test and validate both detection logic and the collection of logs and
events required to support the rule.
The Cymulate Exposure
Validation Platform helps SecOps and blue teams:
-
Identify gaps in their
detection capabilities before adversaries can go unnoticed
-
Operationalize threat
intel to build custom threat validation
-
Understand when and why
existing threat detection fails to trigger
-
Accelerate detection
tuning with relevant indicators of behavior, pre-built Sigma rules and EDR
rule
- Maximize visibility and coverage across the
MITRE ATT&CK® framework