Video #1 – Overview
Video #2 – Passive Investigation
Video #3 – Active Investigation
Eva’s Brain Model
- Does the agent replace my SIEM? SOAR?
- No, the ai security analyst and the human security analysts both need the SIEM to perform well. You can use SOAR to automate a specific recipe to remediate and mitigate once the AI Security Analyst or the humans report an incident and contain it.
- Does the agent replace the need for Human Security Analysts?
- No, this is an industry with a huge skill shortage problem. Your human experts are going to be doing more important things than monitor alerts as they come, create incidents, conduct investigations, enrich case, decide on the best course of action and execute, over and over again every day. Humans will finally be allowed to put more time in areas that demand intuition and creativity like hunting and simulating stealthy attacks, sophisticated social engineering, risk management, etc, while machines do what they are best at crunching data and responding at scale.