Intezer Launches SIEM Alert Triage in Its Autonomous SOC Platform

Intezer, a leader in AI-powered technology for autonomous security operations, is proud to announce the launch of its latest solution in the Autonomous SOC platform for automated triage of Security Information and Event Management (SIEM) alerts. The artificial intelligence solution addresses resource challenges in security operations by automating the alert triage process to enhance efficiency and reduce the time to respond to security incidents.

As security teams are overwhelmed with the volume of alerts, alert fatigue and possible oversight of critical threats put organizations at risk. By expanding the Autonomous SOC platform to integrate with SIEM tools for AI-powered investigations and alert triage, Intezer alleviates the burden on security teams by offering an unparalleled level of automation and precision in SIEM alert management.

Key Features of Intezer’s AI-Driven SIEM Triage Solution:
  • Automated Alert Triage: Evidence about every alert is collected and analyzed, uncovering serious threats that initially appeared as low risk. Intezer’s artificial intelligence-driven analysis cross-references SIEM alerts with deep endpoint forensics and reverse engineering for a comprehensive investigation of alerts.
  • Automatic Escalations: When the AI analysis identifies a SIEM alert that should be escalated to the user, it automatically creates a ticket in the existing case management system, which includes full context and recommended next steps.
  • Immediate Time-to-Value: The solution integrates seamlessly within minutes using a webhook trigger action that is built into all SIEM tools, requiring no additional engineering effort.
  • Cost-Effective: Intezer offers more cost savings than additional hiring or outsourcing to Managed Detection and Response (MDR) services, which can be prohibitively expensive and inconsistent.
  • High Accuracy and Efficiency: With the capability to auto-close up to 97% of false-positive alerts with no human interaction and provide tuning suggestions to prevent up to 73% of benign alerts, Intezer significantly reduces noise and enhances focus on critical threats.

The introduction of SIEM triage in Intezer’s Autonomous SOC platform is another step towards addressing cybersecurity resource and talent scarcity, empowering security teams to fully automate their triage processes for SIEM, reported phishing email, and endpoint alerts. By mimicking the expertise of security analysts with innovative AI technology, Intezer enables security teams to improve efficiency and effectiveness and to reduce costs.

To learn more about supported integrations for SIEM alert triage (as well as endpoint security, email, and SOAR), visit Intezer’s Integration website page.
