General 15.08.2019

How to increase front-line cyber analyst capacity

RDA is a new class of software automation pre-built with the reasoning and decision-making skills needed to tackle the complexity and high volume of data facing security teams today. It is scalable, flexible, expert-trained software that emulates human reasoning for faster analysis and decision making. RDA combines the best of human judgement with the scale and consistent depth of analysis in software.

RDA delivers rapid and continuous value in an easy-to-deploy package. ROI is nearly instant, with “Decision-Bots” that come out-of-the-box ready to make sound cyber security decisions. No more authoring of rules, developing scripts, or processing big data sets. Decision-Bots literally perform like an expert security analyst immediately.

Murray Benadie, MD of Zenith Systems, says that this new class of technology is a vital game changer for organisations trying to stay one step ahead of cyber criminals. Having been in cyber security for many years, we have become conscious of the huge challenge our customers have in hiring and retaining suitably skilled cyber security professionals. There is just such a shortage that it is almost impossible to stay sufficiently staffed, particularly at a reasonable cost. Furthermore, businesses and their security operations struggle to keep pace with an overwhelming amount of security alerts generated in ever-changing IT and threat environments.

This new class of software, Robotic Decision Automation (RDA), automates deep human analytical reasoning in easily deployed packages to help CISOs and their teams extend the capacity of their understaffed, frontline security teams. With built-in expert judgement delivered via “Decision Bots,” teams become vastly—by orders of magnitude—more effective with faster, more accurate decisions about the likelihood of security incidents, which leads to quicker, more informed responses. The Respond Analyst enables large teams to better allocate resources across reactive and proactive security tasks, helps small teams extend their capabilities to 24/7/365 and empowers every team to monitor and triage security events at unprecedented speed, scale and consistency.

Benadie continues to say that “Respond has been hugely valuable to customers with or without SIEM/SOC solutions, as it can be used either in conjunction with SIEM tools such as Splunk and QRadar or as a standalone solution. Exponentially increasing the cyber analyst capacity is hugely compelling for customers.”

“Furthermore, customers with SIEM are no longer reliant on the incessant process of writing new rules and use cases, thereby ensuring they get real value out of their SIEM investments, and customers with Elastic or Hadoop can now get the security visibility lacking in these environments,” Benadie says.
