CF20: Cybersecurity Providers Making the Most of AI
Generative AI will transform cybersecurity.
![Cybersecurity providers and AI Cybersecurity providers and AI](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt92d86ca5292f6185/6523ecacab64d4e6decd3416/Gold-Twenty.jpg?width=700&auto=webp&quality=80&disable=upscale)
JÖRGE RÖSE-OBERREICH/SHUTTERSTOCK
Frost and Sullivan’s Martin Naydenov said Check Point Software Technologies is among network security AI-enabled providers. It uses AI to detect network anomalies, threats and misconfigurations. It’s also being used to optimize network flow.
Canalys’ Matthew Ball said CrowdStrike is among cybersecurity vendors that have launched AI offerings.
“Threat actors will weaponize generative AI to improve the monetization of their attacks," he said. "Technology vendors will embed it into their offerings to launch new subscriptions, drive upsell opportunities and increase customer retention rates on their platforms."
Ball said Microsoft is among cybersecurity vendors that have launched AI offerings. In March, Microsoft announced its Security Copilot, a generative AI-powered assistant like Microsoft’s other Copilot products. However, this is a purpose-built solution for the battle against cybersecurity threats.
Naydenov said Fortinet is among network security AI-enabled providers. It has incorporated AI to detect network anomalies, threats and misconfigurations. It’s also being used to optimize network flow.
Fortinet has added Fortinet Advisor, a generative AI assistant, to its portfolio of more than 40 AI-powered offerings.
Earlier this year, SentinelOne unveiled a new threat-hunting platform that integrates multiple layers of AI technology to deliver security capabilities and real-time, autonomous response to attacks across the entire enterprise. Security teams can ask complex threat and adversary-hunting questions, and run operational commands to manage their entire enterprise environment using natural language, and receive insights and correlated results to prompt actions across the cybersecurity ecosystem.
Naydenov cites Darktrace as a dominant AI cybersecurity vendor. In October, Darktrace unveiled its new Darktrace/Cloud solution based on its self-learning AI. The new solution provides visibility of cloud architectures; real-time, cloud-native threat detection and response; and prioritized recommendations and actions aimed at helping security teams manage misconfigurations and strengthen compliance.
Palo Alto Networks is among network security AI-enabled providers that use AI to detect network anomalies, threats and misconfigurations, Naydenov said. It also uses it to optimize network flow.
Naydenov said Group-B is among cyber threat intelligence AI-enabled providers. It uses AI for threat intelligence analysis, correlation and contextualization. It also uses it to reduce false-positives and improve risk prioritization.
Ball said Trend Micro is among cybersecurity vendors that have launched AI offerings. Last month, Trend Micro announced the launch of its new generative AI tool, Trend Companion, which it designed to help security analysts by driving streamlined workflows and enhanced productivity. The vendor said it could potentially reduce analyst time spent on manual risk assessments and threat investigations by 50% or more due to a plain language interface.
Cybersixgill is among cyber threat intelligence AI-enabled providers, Naydenov said. It uses AI for threat intelligence analysis, correlation and contextualization. It also uses it to reduce false-positives and improve risk prioritization.
IBM Consulting and Palo Alto Networks recently announced the expansion of their key strategic cybersecurity partnership. The collaboration drives end-to-end enterprise security, advancing AI security operations and accelerating cloud transformation.
Cisco is among network security AI-enabled providers that use AI to detect network anomalies, threats and misconfigurations, Naydenov said. It also uses it to optimize network flow. Last month, Cisco introduced new Security Suites that are built on zero trust principles and leverage AI to help secure users, protect infrastructures and accelerate the resolution of attacks.
During its recent AWS re:invent conference, AWS announced it is adding generative AI to its security tools Amazon Inspector and Amazon Detective. Amazon Inspector offers assisted code remediation using generative AI and automated reasoning, and can provide in-context code patches for multiple vulnerability classes. Amazon Detective helps security investigations by using generative AI to analyze multiple activities related to potential security events and find group summaries.
Naydenov said Cyberint is among cyber threat intelligence AI-enabled providers. It uses AI for threat intelligence analysis, correlation and contextualization. It also uses it to reduce false-positives and improve risk prioritization.
Nvidia offers a number of tools and frameworks aimed at helping enterprises adjust to the evolving cyber risk environment. The Nvidia Morpheus cybersecurity framework provides developers and software vendors with tools to build solutions that can proactively detect and mitigate threats while reducing the cost of cyber defense operations. To help defend against phishing attempts, the Nvidia spear phishing detection AI workflow uses Nvidia Morpheus and synthetic training data created with the Nvidia NeMo generative AI framework to flag and halt inbox threats.
Vectra AI provides AI-driven threat detection and response for hybrid and multicloud enterprises. The Vectra AI Platform delivers integrated signals across public cloud, SaaS, identity and data center networks in a single platform. The platform allows security teams to prioritize, investigate and respond to the most advanced and urgent cyberattacks in their hybrid environment.
The AI-driven Cybereason Defense Platform provides planetary-scale data ingestion, operation-centric malicious operation (MalOp) detection, and predictive response against modern ransomware and advanced attack techniques.
Gen’s cyber safety brands include Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner. It brings products and services in cybersecurity, online privacy and identity protection to more than 500 million users in more than 150 countries.
Last month, Onapsis unveiled a range of advancements to the Onapsis Platform, catering to cloud, hybrid and on-premises solutions. Onapsis Security Advisor now boasts enhanced AI engines that facilitate industry peer comparisons against hundreds of the world’s leading SAP customers. This allows CISOs and CIOs to benchmark their security initiatives, monitor progress, and deliver reports to their leadership and board. Additionally, the company has fortified its capabilities in boosting visibility into the SAP landscape.
AKATI Sekurity specializes in cyber defense operations and cyber defense center development. At a recent AI roundtable during Channel Futures Leadership Summit, AKATI Sekurity CEO Krishna Rajagopal said AI is incorporated into all of his company’s security offerings.
AKATI Sekurity specializes in cyber defense operations and cyber defense center development. At a recent AI roundtable during Channel Futures Leadership Summit, AKATI Sekurity CEO Krishna Rajagopal said AI is incorporated into all of his company’s security offerings.
Artificial intelligence (AI) is helping cybersecurity providers gain an upper hand against cyber crime while also giving cybercriminals additional advantages.
AI-powered solutions can sift through vast amounts of data to identify abnormal behavior and detect malicious activity, such as a new zero-day attack. In addition, AI can automate many security processes to improve SecOps.
Our latest CF20 is the second of a two-part series on providers doing business in the channel that are making the most of AI. This second part covers the impact of AI on cybersecurity providers.
The global AI in cybersecurity market is set to explode over the next several years, reaching nearly $155 billion by 2032. That’s according to Allied Market Research, which expects a compound annual growth rate (CAGR) of 23.6%. The AI in cybersecurity market generated $19.2 billion in 2022.
How Cybersecurity Providers Can Leverage AI
Martin Naydenov, senior industry analyst of cybersecurity at Frost and Sullivan, said there are many ways in which companies can leverage AI in cybersecurity. Some of the most effective use cases are threat detection and response, automated response, behavioral analysis and phishing detection.
![Frost and Sullivan's Martin Naydenov Frost and Sullivan's Martin Naydenov](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt74710ea49fc868e3/652402c220b29b81b03267ed/Naydenov-Martin_Frost-Sullivan.jpg?width=127&auto=webp&quality=80&disable=upscale)
Frost and Sullivan's Martin Naydenov
Other use cases include better security analytics and proactive security, such as application source code/API improvements, better network monitoring and more, he said.
“Ultimately, organizations are struggling with limited resources,” Naydenov said. “AI-enabled vendors empower organizations to improve their security posture significantly and can make a compelling business case that non-enabled vendors can’t. The incorporation of AI improves visibility, productivity and cost savings (possible reduction in security staff, delegating sources to more value-added tasks, eliminating point solutions, reducing total cost of ownership, etc.). These benefits will drive demand for AI-based security solutions.”
Generative AI Benefits Both Cybercriminals, Cybersecurity Providers
Matthew Ball, chief analyst at Canalys, which shares a parent company with Channel Futures (Informa), said for threat actors, generative AI presents significant opportunities to scale their existing operations, while enabling more to enter the ecosystem.
![Canalys' Matthew Ball Canalys' Matthew Ball](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt2b25493565dcee7e/6537d440e8b00e8464e312de/Ball-Matthew_Canalys.jpg?width=700&auto=webp&quality=80&disable=upscale)
Canalys' Matthew Ball
“The use of the technology will create a surge in ransomware attacks, as threat actors exploit more software vulnerabilities and use stolen credentials from more successful phishing campaigns,” he said. “Generative AI can be trained to identify vulnerabilities in code repositories and websites, as well as suggest ways to exploit them. This will increase zero-day attacks.”
On the other hand, generative AI will transform cybersecurity by augmenting existing operations within organizations, Ball said.
"The use of the technology will create a paradigm shift within security operations centers (SOCs), in terms of onboarding and training analysts with digital twins, automating detection and response processes, prioritizing alerts, and scaling and optimizing expertise by enabling faster and more informed decisions from huge datasets within security information and event management (SIEM) systems,” he said. “Analysis of attacks will be shortened by using generators to reverse-engineer malicious scripts to ascertain the what, how and when of each incident. Automated threat intelligence and trending, vulnerability reports, auditing, software inventory management, attack-path prediction, detection of new malware variants, policy creation, log analysis, intrusion detection and identifying abnormal and high-risk behaviors are all possible benefits.”
ChatGPT Changes Everything
According to Forrester’s Top Cybersecurity Threats in 2023, defending against attacks on machine learning (ML) and AI was a niche discipline until recently.
“When ChatGPT burst on the scene, the idea of generative AI and large language model (LLM) deployments in the enterprise suddenly became a reality,” it said. “Use cases for adversaries to use AI also emerged, which will help them scale and wreak havoc in ways they simply could not prior to the emergence of these technologies.”
The overwhelming majority of organizations will not experience an attack that uses −or an attack that targets − AI in the near term, according to Forrester.
“Adversaries do not need that level of sophistication yet,” it said. “Since it is more likely organizations will source AI from a vendor rather than build their own, it is important to understand how these vendors will protect their AI models. Cybersecurity relies on ML and AI for detection to an extreme degree. The vendors you rely on to identify threats as early as possible might be susceptible, making this topic a significant priority to interrogate vendors about.”
Based on feedback from analysts and recent news reports, we’ve compiled a list, in no particular order, of 20 cybersecurity providers that are incorporating AI into their offerings. Our list in the slideshow above offers a mix of well-known providers as well as lesser-known companies that are making big strides in AI.
About the Author(s)
You May Also Like