Adlumin announces new features and AI detections for MDR platform

New Honeypot feature, AI-Based Detections and Attack Simulation Tool Strengthen the Multi-Tenant Command Center for Security Operations

Adlumin, the security operations platform and managed detection and response (MDR) service provider keeping mid-market organizations secure, today announced new features and AI-based detections that advance its vision of delivering comprehensive, enterprise-grade security to organizations of all sizes. New capabilities, including honeypots, lateral movement alert upgrades, malicious scheduled task detection, and malicious script block detection, add to a platform that is feature-rich enough for organizations to operate on their own, yet built specifically to amplify the skills and capabilities of managed service providers.

Built on a multi-tenant and cloud-based architecture, Adlumin’s patented Security Operations Platform gives service providers unmatched visibility and command across their entire customer constituency. Through the platform’s multi-tenancy, its Partner Portal gives managed service providers a comprehensive view of security across their customer base so they can monitor emerging threats and take swift action without the need to traverse different environments.

Through one platform and one license, Adlumin provides organizations of all sizes with the capabilities of a sophisticated security operations center (SOC), including threat hunting, incident response, vulnerability management, darknet exposure monitoring, compliance support and much more. This update to the platform extends its capabilities even further with a new Honeypot feature and AI-based detections.

Building on Adlumin’s multi-layered security approach, the new Honeypot feature provides customers with another way to detect threat actors already in their environment in order to quickly stop them before they access critical systems or data.

Adlumin’s Data Science team works closely with the Threat Research team to develop and evolve AI-based detections based on what they see happening across their customers and the broader industry. The team uses AI to detect activity that’s often hard to spot with the human eye, which enables faster detection and reduces the time a threat is active in a customer’s environment. Based on recent threat activity, Adlumin is developing and adding corresponding AI-based detections to the platform including:

  • Lateral Movement Alert Upgrades. A type of lateral movement often mimicked in penetration testing involves a generic, non-privileged client accessing several hosts in rapid succession – adversarial behavior that is easily lost in benign traffic. Enhanced lateral movement detections now aggregate individual suspicious activities from a generic user until they collectively project a high-fidelity threat signal.
  • Malicious Scheduled Task. Authenticated attackers can abuse Windows Task Scheduler to run malware. A new AI-based detection will enable Adlumin customers to defend against this abuse by combining a neural network that isolates process execution anomalies with subsequent checks for known indicators of compromise.
  • Malicious Script Block. Adlumin’s Data Science team uses a string-matching AI algorithm to detect malicious PowerShell executions. However, Script Block can often obfuscate this activity due to long command lines. A new hybrid detection logic with AI and domain knowledge rules will flag suspicious Script Blocks.

In addition to these new capabilities within the Adlumin platform, the company also announced the availability of a free attack simulation tool for Microsoft Office 365 environments. This free tool enables any organization to test three techniques attackers frequently use to compromise Microsoft 365 accounts so they can see if their current security tools detect the activity.

“While large enterprises invest vast resources and budgets to secure themselves from cyber threats, everyone else is at an extreme disadvantage. Middle market organizations in both the private and public sector have to protect themselves from the same threats targeting large organizations, but without the same resources. We founded Adlumin to even the playing field,” said Robert Johnston, CEO and cofounder of Adlumin. “We’re intently focused on giving organizations of any size the capabilities they need to protect against advanced and evolving threats. Our comprehensive platform is a critical component to empowering organizations and service providers to extend their skills and resources.”

Every feature of the Adlumin Security Operations platform is designed to serve three audiences: end user organizations who operate the platform independently, Adlumin partners who deliver security services to their customers using the platform, and Adlumin’s managed detection and response team that can work with service providers and/or end-user organizations. Each of these groups can operate every feature of the Adlumin platform independently, as well as collaborate and interact with each other through the platform, if or when required.

When working with Adlumin’s MDR team or other Adlumin partners, end-user organizations have full access to the Adlumin platform, providing unparalleled transparency into their security operations. In real-time, organizations can see their current network health, security risks, and potential threats. This transparency also enables organizations to ensure they’re always compliant with regulations that apply to their business and gives them the power to generate reports tailored to various compliance reporting requirements with a single click.

Adlumin will be demonstrating the capabilities and new features of its platform at RSA Conference 2023, April 24-27, 2023 in San Francisco, California. Visit Adlumin in the South Hall of the Moscone Center at booth #1761 or book a meeting in advance at https://go.adlumin.com/rsac-2023.
