Skyhawk Security Becomes First Cloud Security Company to Embed ChatGPT Functionality into the Threat Detection Process
March 29 2023 - 9:00AM
Skyhawk Security, the originator of cloud threat detection &
response (CDR), today announced the company is using ChatGPT to
enhance cloud threat detection and make it faster and easier for
customers to find and understand security incidents that might
otherwise fly under the radar.
Tests run by Skyhawk on the new ChatGPT features showed
measurable improvements in the speed of detecting breaches based on
anomalous activities, doing so at a much lower operational cost.
According to Skyhawk’s tests on various datasets, in 78% of cases
the platform produced alerts earlier when adding ChatGPT to the
scoring process. This capability is generally available to Skyhawk
customers today at no additional charge.
The company has incorporated ChatGPT in two unique ways:
- Earlier detection of
malicious activity. One of Skyhawk’s key advantages over
other security tools is its ability to show actual threats as they
are progressing on a graphical storyline known as an ‘Attack
Sequence’. Skyhawk’s new ‘Threat Detector’ feature using the
ChatGPT API is trained on millions of security data points from
across the web. It uses that data to help augment the Attack
Sequence technology’s scoring mechanism. Skyhawk’s existing scoring
mechanisms are based on proprietary machine learning technologies
that use malicious behavior indicators (MBIs) and then assign those
MBIs a score when they get to the point that something appears to
be worthy of an alert, known as a ‘Realert’. It solely alerts on
real threats, significantly reducing false positives. Adding
ChatGPT to the scoring system is one additional parameter that
vastly improves the confidence of a given score and enables the
platform to alert to anomalous behaviors earlier.
- Explainability of attacks as
they are progressing. An Attack Sequence correlates
multiple suspicious events to provide observability into the
validity of a potential attack and how it manifests. Today, Skyhawk
adds textual explanations (produced by ChatGPT) for the incidents
found by the platform. These appear in a new platform tab called
the ‘Security Advisor’. Having these textual explanations, in
addition to visual representations, helps organizations understand
incidents in greater depth and makes them more accessible to
security personnel.
“Lots of security companies are chasing the generative AI hype,
with superficial additions like using AI to help with remediation
recommendations. Skyhawk is doing something fundamentally
different,” said Chen Burshan, CEO of Skyhawk Security. “We are
using ChatGPT, and the world’s vast quantities of available
security data, to help score and assess risk levels of various
malicious detectors. It’s like asking thousands of security
researchers to advise during the investigation of an incident on
the risk of anomalous behaviors and to help define that risk. With
the well-known shortage of cloud security expertise, customers can
use Skyhawk’s unique approach of leveraging ChatGPT to overcome the
shortage in personnel, thus improving the time to detect and
respond, at a much lower operational cost.”
"As researchers, we continuously experiment with novel AI
algorithms to enhance our capacity to identify malicious
activities. The remarkable performance elevation we have achieved
by integrating large language models is just the beginning of what
we will be able to do with GPT and similar models,” said Amir
Shachar, director of data science at Skyhawk and author of
Semi-discrete Calculus. “We can prove that detection now happens
sooner – adding an additional level of confidence to our threat
detection platform that no other company has.”
To learn more about Skyhawk Security’s use of ChatGPT, please
join the upcoming webinar on April 25th at noon EDT by
registering here.
To learn more about Skyhawk Security’s comprehensive product
offering, visit https://skyhawk.security/. For continuing updates
follow Skyhawk Security on LinkedIn and Twitter.
About Skyhawk Security Skyhawk Security is
the originator of Cloud Threat Detection and Response (CDR),
helping hundreds of users map and remediate sophisticated threats
to cloud infrastructure in minutes. Led by a team of cyber security
and cloud professionals who built the original CSPM category,
Skyhawk Security evolves cloud security posture management far
beyond scanning and static configuration analysis. Instead, using
advanced ML sequencing of context-based behaviors, Skyhawk provides
CDR within a ‘Runtime Hub’ to quickly detect and remediate
malicious activities across multiple cloud platforms as they
happen. Skyhawk Security is a spin-off of Radware®
(NASDAQ:RDWR).
Media Contacts: Sherlyn
Rijos-Altman Montner Tech PRsrijos@montner.com
Mike SmithMontner Tech PRmsmith@montner.com
RADWARE (NASDAQ:RDWR)
Historical Stock Chart
From Jun 2024 to Jul 2024
RADWARE (NASDAQ:RDWR)
Historical Stock Chart
From Jul 2023 to Jul 2024