©2019 Cyber SecBI, All Rights Reserved.
Disruptive Cybersecurity AI Technology
Arie Fred
VP, Product Management
September 2019
AUTONOMOUS INVESTIGATION™
SecBI Profile
Making detection and response quick, accurate and simple
AI-based Autonomous Investigation™ technology mimicking an expert analyst at machine speed
A unique SW-based approach to network traffic analysis
Sector-agnostic customers including Fortune 500 and Global Enterprises
Offices: Tel Aviv (Global HQ) and North America
Main investors: JVP, Orange and CI
Advanced Threats – Complex Challenges
Full Scope Detection & Response
Accelerated breach response
Forensics and compliance enabler
Attacks hidden as benign activity bypass prevention systems
Sporadic anomalies
Security analyst gap
False positives/ Alert fatigue
Partial remediation
Missing Stealthy IOCs
“Noisy” detection
Automated Threat Hunting
Long, complex, expert “hunting”
Undetected threats
Long dwell time
Successful breaches and damage
Platform Description
Data Collection
Roaming User, Branch Office, Corporate Office, BYOD User, IoT
Cluster-wide Analytics
Playbooks & Workflows
Remediation Prevention
Integration
Threat Hunting
Breach Response
Threat Intelligence Enhancement
Machine Learning
Full Scope Detection
Response
Investigation
Configuration & Management
Reporting
ADMIN
Web
EPP
AD
TI
…
Realtime Activation
Out-of-the-box SOC Integration
SIEM/SOAR
Case Management
Endpoint
Infrastructure & Tools
Customizable playbook library
API, syslog streaming, file transfer
Software-based, agent-less, VM or cloud
Network and email
Technology: Autonomous Investigation™
Benign activity
1. Unsupervised Machine Learning
10x Billions of logs
2. Cluster-wide detection
Alerts on suspicious events
Exfiltration: Users, downloader, C&C
& malicious activities
& false positives
Cryptojacking: Devices, fileless, mining pool
3. Enrichment
The Ultimate Hunting Tool
Hunting Hypothesis:
Several (unknown) devices, infected with (unknown) malware, beaconing to (unknown) destinations, with no apparent frequency, they might be exfiltrating (an unknown amount of) data, they might be using (an unknown) client that is usually not found on the (unknown) user’s (unknown) device, which started by an infection since (unknown) days/weeks/months
• Days to develop
• Hours to run
• Hours to review
vs
• Seconds to query
• Seconds to run
• Minutes to review
Billions of Logs
Thousands of Behaviors
Fields
Domain Expertise
Features
Days Minutes
Mimic an Expert Analyst at Machine Speed
A new level of SOC automation
Making detection and response quick, accurate and simple
Solving the most impactful and complex SOC challenges:
• Threat detection, investigation, hunting, triage, IR
AI-based Autonomous Investigation™ technology
• Groups all incident data regardless of patterns
• Reconstructs complete activities
• Detects malicious activity on a complete dataset
Unique Process of Hunting -> Detection -> Response
THANK YOU
Stop Chasing Anomalies and Alerts
Automate threat detection & response.
www.secbi.com
Please contact: [email protected]