Devo Announces AI-powered Solution to Augment Analysts with Alert Investigation and Threat Hunting

Devo DeepTrace fundamentally changes the way organizations discover and thwart their adversaries while protecting the business

CAMBRIDGE, Mass., January 17, 2023 - Devo Technology, the cloud-native logging and security analytics company, today announced Devo DeepTrace, an autonomous alert investigation and threat hunting solution that uses attack-tracing artificial intelligence (AI) to advance how security teams identify attacks, investigate threats and secure their organizations. DeepTrace augments the work security analysts do by building complete traces of suspicious activity detected across an organization's infrastructure, relieving them of much of their mundane, repetitive work.

"Today's SOCs are under strain and SOC analysts in particular are overwhelmed with the ever-increasing volume of alerts and threats," said Rakesh Nair, vice president of engineering at Devo. "Humans can't scale at the same pace of data and threats, so we need to augment analysts and threat hunters with automation technologies and AI. DeepTrace takes an alert and translates it into a full summary of events by asking a series of questions. In return, the analyst can review pre-investigated and fully contextualized attack traces to mitigate them instead of drowning in data and chasing false positives."

DeepTrace helps analysts by performing investigations as they would but at machine speed and scale. Starting with an event or an alert, its AI engine asks potentially hundreds of thousands of questions to autonomously construct traces fully and chronologically detailing an attacker's actions. DeepTrace then overlays its results against the MITRE ATT&CK framework, which provides analysts with advanced context and additional points of reference so they can analyze attacks, identify patterns, and assess existing defenses within the organization.

DeepTrace was designed to meet multiple use cases for today's security teams:

  • Autonomous investigations: DeepTrace autonomously investigates suspicious events and alerts using attack-tracing AI. It identifies each step in the attack chain, providing a full, evidence-based timeline of the attack. Each trace offers critical information that an analyst needs to nullify the threat.
  • Autonomous threat hunting: DeepTrace helps threat hunters quickly construct and configure new hunts that map to MITRE ATT&CK framework tactics and techniques. Once refined and validated with the use of autonomous investigations, these can be converted to new cadence-based threat detections.
  • Optimized incident response: DeepTrace harnesses the organization's data to perform retroactive hunts that find attacks and malicious activity. Once an actual attack is identified, DeepTrace produces interactive traces and reports documenting an attacker's footsteps.

DeepTrace ensures that security teams are able to comprehensively investigate threats by rapidly tracing attacks, which fundamentally changes the way organizations discover and thwart their adversaries while protecting the business. 

DeepTrace will be generally available in the first quarter of 2023. To learn more, visit /experiences/deeptrace-walkthrough/

About Devo
Devo is the only cloud-native logging and security analytics platform that releases the full potential of your data to empower bold, confident action. With unrivaled scale to collect all of your data without compromise, speed to give you immediate access and answers, and clarity to focus on the signals that matter most, Devo is your ally in protecting your organization today and tomorrow. Headquartered in Cambridge, Massachusetts, with operations in North America, Europe and Asia Pacific, Devo is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo. Learn more at www.devo.com.
