CyberGlassAI (CGAI) goes beyond SIEM’s passive “see something, says something” monitoring and alerting approach. Using a machine learning engine to build profiles of user, system and network behaviors, CGAI creates baseline norms, called UEBA (User & Entity Behaviour Analytics). It then leverages UEBA to identify anomalies that deviate from the normal behavior and may pose a threat; trapping, alerting and responding accordingly. CyberGlassAI then adds both the behavior and the response to the library of automation to identify and act proactively. With CyberGlassAI’s artificial intelligence and automated response, CyberGlassTM “sees something, does something”; an automated first-responder to attack and mitigate the treat. CyberGlass with CyberGlassAI augments the IT team, empowering them with security-engineer capabilities; improving efficiency and effectiveness, and hardening the attack surface.Asset Discovery & Inventory | Event Log Tracking & Management | Scripting & Automated Response | Behaviour Analytics | Compliance Reporting
Direct Asset Access, Scripting & Automated Response with CyberGlassAITM
CyberGlassAITM‘s machine learning engine identifies abnormalities in baseline UEBA profiles. When those baselines are fall outside acceptable parameters, CyberGlassAI sends an alert to the CyberGlass console, alerts any engineers configured in the notification module of CyberGlass, enters a record in the PII Secured incident response record, where all actions, responses and outcomes are recorded, and initiates remediation routines. Should CyberGlassAI not be able to mitigate the threat, the engineer has direct access to the compromised asset without ever leaving the CyberGlass portal.
Automated response & remediation | Built-in script libraries | Script engine to build custom scripts | Machine-built scripts based on behaviors | Audit & reporting
CyberGlassAITM‘s machine learning engine builds profiles of user, system and network behaviour to create baseline norms; called UEBA (User & Entity Behavior Analytics). We then leverage UEBA to identify anomalies that deviate from the normal behaviour and may pose a threat; alerting and responding accordingly.
Detect compromised credentials | Identify unusual traffic patterns | Discover lateral movement | Uncover ports of entry & exit | Audit & reporting |Map required baseline to existing baseline | Alert on potential violations | Recommend changes to meet or exceed minimums | Generate audit-ready compliance reports