Abstract Security Brings AI to Next-Gen SIEM

Published: 23/11/2024   Category: security



The startup's AI-powered data-streaming platform separates security analytics from compliance data.



Abstract Security has emerged from stealth with a platform designed to centralize security analytics, speed up threat detection, and triage alerts so that security analysts can focus on actually managing and resolving security incidents.
The startup, which raised $8.5 million in seed funding, will use its platform to shake up the security information and event management (SIEM) market, says Colby DeRodeff, the company's co-founder and CEO. Despite plenty of talk about next-gen SIEM, little has focused on addressing the underlying challenge: that the technology can't handle the scale of data being collected or deliver actionable alerts quickly enough, he says. But the way Abstract Security handles data collection and storage enables its detection engine to provide analysts with alerts much sooner and at a lower cost, he says.
Abstract Security keeps the security data in data streams and uses machine learning to apply prebuilt and user-defined detection rules to find correlations between streams. Using the streaming model helps Abstract avoid latency, lowers time to detection, and reduces mean time to response, DeRodeff says. In other words, analysts aren't waiting 45 minutes for the system to index the data before they can interrogate it.
"Abstract's data-centric approach represents the future of detection," said Matt Bigge, partner at Crosslink Capital, in a statement. Crosslink Capital participated in the company's seed funding round.
Enterprises are storing terabytes of data, but most of the data they are sitting on — as much as 95% of collected log data — is neither useful nor relevant for detecting security issues and incidents, DeRodeff says. He describes customer meetings where the customer would be unable to detect attack simulations.
"They were not collecting the right data," DeRodeff says, noting that enterprises face a data conundrum. Security teams can define the detection rules based on the type of data they have, but they also have to decide what data to collect based on the detections they want to have.
Abstract Security's platform bifurcates security and compliance, DeRodeff says, by directing security-relevant data into streaming databases and storing everything else separately. This increases detection effectiveness and lowers computing and storage costs, while still helping enterprises meet their compliance obligations.
In today's shifting cyber landscape, understanding which data is vital for security and which is collected for compliance or forensics is crucial, says strategic adviser Tom Reilly, who is also an investor in the company. Otherwise, organizations pay a hefty price for unnecessary data that simply isn't needed in their high-fidelity analytics packages.
Abstract Security's beta customers span a variety of industries, including a major insurance provider, a global healthcare provider, a Fortune 500 company in the financial services space, and a B2B tech company, the company said.
