Arcanna.ai: Reducing risk in Cybersecurity

Siscale has developed a Cognitive Automation Platform, Arcanna.ai, which provides AI Assistance in Cybersecurity.

Siscale has developed Arcanna.ai, a Cognitive Automation platform to provide AI Assistance for SOC analysts when triaging and investigating cybersecurity alerts.

Arcanna.ai was designed and built to enhance teams of experts with the power of AI. It uses deep learning and NLP to enable SOC teams to extract insights and automate complex tasks which would ordinarily consume a lot of valuable time, or would not have been possible.

The product, with its capability to learn and adapt, gives security operations professionals the edge they need to keep things running smoothly while also creating additional capacity within the organisation that could be deployed on higher value activities.

Why do we need Arcanna.ai?

When it comes to Cybersecurity, there are two main issues SecOps teams are facing when triaging and investigating alerts.

Alert storms can have dire consequences on business continuity. In periods when alerts exceed the ordinary rate, security analysts become overwhelmed and miss important alerts, which leads to business-critical damage such as access to confidential information.

Secondly, alert fatigue is a big challenge for security analysts. This occurs when the personnel regularly dealing with alerts experience high stress levels due to repetitive and tedious tasks in analysing hundreds or thousands of alerts. This results in the loss of attention, leading to attacks slipping past the analyst.

Triaging and investigating alerts is one of the biggest challenges in Cybersecurity due to an increase in sensors, devices and applications which need to be monitored, a cybersecurity talent shortage, and existing cybersecurity tools not being able to learn from experts' knowledge.

With security teams overwhelmed by a high volume of daily threats and by workforce talent shortages, there is a need for a more streamlined alert triaging solution.

How does Arcanna.ai overcome challenges within Cybersecurity?

Deep learning approaches are a viable solution when dealing with large amounts of data, Cybersecurity included.

Siscale uses deep learning and NLP to facilitate faster responses to attacks, thus reducing fatigue for analysts. Deep learning also preserves organisations' knowledge for complex processes.

Considering the issues discussed, the alert triage module of Arcanna.ai assists organisations in overcoming the challenges.

Combining three elements, Arcanna.ai is designed to be a virtual member of an organisation's security team to provide AI Assistance for the triage and investigation process:

  • By formulating the challenge of alert triaging as a binary classification task through deep learning, in which alerts are flagged as either true positives or false positives, Arcanna.ai processes alerts using standard natural language processing (NLP).
  • The process automation element within Arcanna.ai automates all the manual tasks after the deep learning model has escalated an alert, such as ticket creation. Simultaneously, Arcanna.ai’s value increases exponentially as more tasks are automated based on the decision of the AI model. This streamlines the process of incident remediation by integrating with additional security tools such as the Security Orchestration Automation and Response (SOAR).
  • As users perform the triaging and investigation process, the model improves and adapts to the particularities of the ecosystem in which it operates. Enabling users to directly influence the deep learning algorithm, without any coding knowledge required, is the backbone of Arcanna.ai’s innovative approach.

Arcanna.ai’s ability to encompass the knowledge of the organisation’s experts makes it a key virtual member of the security team that minimises human error and enhances each analyst's performance.
