Managed detection and response (MDR) provider eSentire has announced eSentire AI Investigator, a machine learning-powered tool for querying asset and vulnerability data, security telemetry, and other sources of cybersecurity information. The goal? To improve security investigations, threat response, and threat hunting.
Even as novel vulnerabilities and new threat actors emerge, existing problems persist. The growing pool of information, alongside the ongoing scarcity of human cybersecurity talent, drives the demand for automated tools for finding and fixing security issues. According to the company, eSentire AI Investigator uses generative AI (the same technology behind ChatGPT) to answer natural language queries from its MDR clients, providing information drawn from a variety of internal and external resources to show them how wider security events and trends could affect their businesses.
The eSentire services units also use eSentire AI Investigator to increase efficiency and reduce response time. The company said the tool is trained against eSentire's investigation data set of more than a million investigations and responses, shaped by human feedback from its Cyber Response Team, to find and suggest threat remediation measures quickly. Using eSentire AI Investigator, the company claimed a mean time to contain unknown threats of 15 minutes. The company also credited the tool for a global threat sweep that detected and defanged a recent Batloader malware campaign.
The eSentire AI Investigator tool is available in private preview through the eSentire Insight Portal.