Intezer expands its solution for MSSPs

Intezer, a leader in AI-powered technology for autonomous security operations, today announced the expansion of its solution for Managed Security Service Providers (MSSPs).

Intezer for MSSP uses AI to fully automate all Tier 1 SOC tasks and decision-making for MSSPs, enabling them to onboard new clients without having to hire additional analysts to manage triage of additional alerts. The Autonomous SOC Platform from Intezer provides capabilities that are tailored for MSSPs to ingest high volumes of endpoint, SIEM, and reported phishing alerts and automatically triage incidents for multi-tenant management.

This game-changing technology allows MSSPs to scale their operations with AI, open new revenue streams, and maintain healthy profit margins. By implementing the Autonomous SOC Platform, service providers can augment their SOC teams’ ability to handle an increased number of clients and alerts without compromising on efficiency or effectiveness.

MSSPs Moving Fast to Adopt Innovative AI Solutions

In 2023, as interest in adopting innovative AI-powered solutions for security operations centers took off, the customer base of the Autonomous SOC Platform grew by 400%. This growth included a number of MSSPs and Managed Detection and Response (MDR) providers, underscoring the unique challenges they face in managing high alert volumes and the growing recognition of how AI-powered solutions could bolster their operations.

Legato Security, which provides its clients with comprehensive cybersecurity expertise, 24/7 monitoring and incident response services, successfully integrated Intezer to triage endpoint alerts from CrowdStrike, reported phishing emails, and SIEM alerts to scale their operations.

“We have a large volume of alerts produced every day and manually performing analysis on all of these threats is not scalable. Intezer has given us the ability to provide in-depth reporting in a timely manner. Moreover, having a private instance for us to upload potentially sensitive data was a ‘must have,’” said Jesse Stoltz, the SOC Manager at Legato Security.

AI-Driven Incident Triage, Investigations, and Correlation

Intezer’s autonomous alert triage process is designed to investigate and make decisions like a top-notch Tier 1 SOC analyst, taking action to equip teams with immediate, high-quality analysis of every alert. Powered by Intezer’s artificial intelligence framework, this allows teams to bypass repetitive Tier 1 SOC tasks and concentrate on critical incidents.

Highlights of the AI-Powered Autonomous SOC Platform:

  • Automatically ingests alerts from connected endpoint, user-reported phishing, and SIEM tools.
  • Collects and analyzes evidence (including files, URLs, scripts, network data, logs, memory dumps, and more) to provide fast, comprehensive context about every incident.
  • Correlates the information with other alerts in order to enrich the decision-making process.
  • Identifies benign alerts and auto-resolves false positives to eliminate alert fatigue.
  • Escalates findings about high-priority serious threats that were uncovered (4% of alerts on average) and generates remediation suggestions.
  • Clusters threats across multiple environments while ensuring data privacy for clients.

Efficient Multi-Tenant Management and Reporting

The platform facilitates quick integration and onboarding, allowing for immediate automatic investigation of incoming incidents. Intezer’s AI technology is adept at identifying correlations across all tenants, enabling MSSPs to effectively manage multiple customers concurrently while safeguarding sensitive data.

These advanced capabilities ensure that MSSPs can provide deep investigation services and tailored remediation recommendations, with speed and detail that set them apart from their competitors. Read more on the Intezer blog about the benefits of artificial intelligence-powered automation for MSSPs.
