$33M for AI Tools: Can Intezer Solve the Cybersecurity Talent Crisis?
Written by: Alex Davis is a tech journalist and content creator focused on the newest trends in artificial intelligence and machine learning. He has partnered with various AI-focused companies and digital platforms globally, providing insights and analyses on cutting-edge technologies.
The cybersecurity sector faces a staggering talent deficit, with over 4 million unfilled positions worldwide and projections suggesting this could escalate to 85 million in just five years. This shortage poses significant risks as cyberattacks increase in frequency and sophistication.
An examination of the talent gaps plaguing cybersecurity
Intezer's recent funding of $33 million aimed at enhancing automated tools
Insights into the innovative technology that streamlines alert triaging
This article will provide a comprehensive look at how Intezer is positioned to tackle these challenges and the potential impact on organizations struggling to safeguard their digital assets.
Top Trending AI Automation Tools This Month
As businesses increasingly adopt technology, the demand for AI automation tools continues to grow. These tools streamline operations, improve efficiency, and enhance productivity. Here are some of the top trending tools that are making waves in the AI automation space:
4.8 million professional shortage in global cybersecurity workforce, a 19% year-on-year increase.
Skills
90% of organizations face skills shortages, with 64% viewing them as more serious than personnel shortages.
Future
85 million unfilled cybersecurity positions expected in the next five years, according to the World Economic Forum.
AI
Increased reliance on AI and automation to mitigate the cybersecurity workforce gap and handle security alerts.
PopularAiTools.ai
AUTOMATED TRIAGING FOR SECURITY ALERTS
Intezer's intelligent technology addresses the daunting task of triaging and investigating security alerts. Security teams often face an overwhelming volume of notifications, making it difficult to discern between major breaches and minor incidents. Intezer's solution streamlines this process:
Every alert is treated as a high-priority concern during the initial assessment.
The system efficiently determines the severity of alerts, saving time for security teams.
In contrast to traditional methods, which may take hours of investigation, Intezer reduces this time to approximately two minutes.
“In most cases, the time to investigate an alert ranges, for humans, between half-an-hour to four hours,” Tevet explained. The investigation includes examining various logs and associated activities, often leading to significant delays in response.
THE SECURITY GENOME PROJECT
Intezer is leveraging its previous research to enhance its offerings further. When last covered, the company had secured $15 million to develop what can be likened to a "genetic map" of security challenges:
This "DNA-style map" catalogs the myriad forms, origins, and connections within the cybersecurity threat landscape.
Intezer's innovative mapping contributes significantly to cybersecurity, as it was pivotal in identifying key attacks, including WannaCry's North Korean origins and linking Russian hackers to the Democratic National Committee breach.
Additionally, it was responsible for identifying a new malware family, dubbed “HiddenWasp,” associated with Linux systems.
Today, Intezer's platform integrates insights from this groundwork, enabling users to distinguish between trivial and critical alerts, and automatically triage notifications that require urgent attention. This development combines:
In-house innovations such as DNA mapping and remediation capabilities.
Utilization of third-party technologies for enhanced functionality.
For instance, Intezer employs OpenAI APIs to analyze natural language in internal communications, which feeds directly into its system for identifying potential security concerns.
ESCALATION OF ALERTS: THE 4% CHALLENGE
Tevet estimates that typically only about 4% of an organization’s alerts escalate to critical status. The significant challenge is determining which of those alerts require immediate attention:
Identify the root causes of alerts.
Prioritize which alerts potentially indicate serious breaches.
Efficiently investigate without overloading security teams.
Tevet shared two instances—one involving a major tech company and another within a large healthcare organization—where security teams initially dismissed what seemed to be low-risk alerts due to time constraints. Despite this, Intezer was able to reassess the situation, uncovering threats linked to a Chinese state actor.
This situation underscores ongoing challenges for Intezer as the cybersecurity landscape evolves. With an influx of new tools developed to detect security anomalies, they must navigate a tipping point where collaboration becomes crucial:
Companies are beginning to struggle with fundraising or are acquired by larger entities.
Intezer currently partners with notable security firms like Palo Alto Networks, Wiz, and CrowdStrike, presenting both opportunities and potential competitive challenges.
The future path for Intezer remains open, with ongoing discussions about possible integrations, although none have materialized into significant partnerships yet.
Intezer's Automated Triaging for Security Alerts
Latest Statistics and Figures
Intezer's AI-driven solution can auto-close up to 97% of false positive alerts with no human interaction and provide tuning suggestions to prevent up to 73% of benign alerts.
The platform reduces the alert investigation time to a fraction of what manual analysts take, with Intezer's automated triage being 60 times faster than manual analysis.
On average, only about 4% of alerts are escalated to the SOC team for immediate response after Intezer's automated triage.
Historical Data for Comparison
Over the last few years, the global shortage of cyber professionals has been a significant issue, with the World Economic Forum estimating a current global shortage of 4 million cyber professionals. This shortage has been a driving factor for the adoption of automated solutions like Intezer's.
Recent Trends or Changes in the Field
There is a growing trend towards using AI and automation in security operations to address the overwhelming volume of alerts and the shortage of skilled cybersecurity professionals. Intezer's Autonomous SOC platform is at the forefront of this trend, integrating with various security tools like SIEM, endpoint security products, and SOARs to automate alert triage and incident response.
The integration of AI models, including proprietary and third-party models, has become more prevalent. Intezer uses these models to enhance the efficiency and effectiveness of SOC teams, mimicking the expertise of security analysts.
Relevant Economic Impacts or Financial Data
Intezer's solution offers significant cost savings compared to additional hiring or outsourcing to Managed Detection and Response (MDR) services, which can be prohibitively expensive and inconsistent.
Intezer has recently secured funding to further accelerate its growth, with Norwest leading the latest round of funding, highlighting the economic viability and investor confidence in automated security solutions.
Notable Expert Opinions or Predictions
Experts emphasize that the holy grail for SOCs is tools that use intelligent automation to eliminate the bottleneck of manual work and reduce exposure. Intezer's solution is seen as a leader in this emerging category of AI SOC platforms.
The ongoing challenge of navigating the influx of new security tools and the importance of collaboration with other security firms are highlighted by industry analysts and Intezer's partnerships with notable security firms like Palo Alto Networks, Wiz, and CrowdStrike.
Frequently Asked Questions
1. What is Intezer's approach to triaging security alerts?
Intezer's intelligent technology addresses the daunting task of triaging and investigating security alerts by streamlining the process. Key aspects include:
Every alert is treated as a high-priority concern during the initial assessment.
The system efficiently determines the severity of alerts, saving time for security teams.
Intezer reduces investigation time from hours to approximately two minutes.
2. How does Intezer's solution benefit security teams?
Intezer’s solution significantly benefits security teams by reducing the time required to investigate alerts. Traditional methods can take anywhere from half-an-hour to four hours, while Intezer simplifies this process, allowing teams to:
Quickly assess alerts.
Identify genuine threats without being overwhelmed.
React in a timely manner, minimizing potential damage.
3. What is the Security Genome Project?
The Security Genome Project is an initiative by Intezer that creates a "genetic map" of cybersecurity challenges. This project includes:
A DNA-style map that catalogs various forms, origins, and connections within the cybersecurity threat landscape.
Insights that have been pivotal in identifying major attacks.
Detection of new malware families, such as “HiddenWasp”, associated with Linux systems.
4. How does Intezer differentiate between trivial and critical alerts?
Intezer integrates insights from its foundational research to enable users to distinguish between trivial and critical alerts, employing technologies such as:
In-house innovations like DNA mapping.
Utilization of third-party technologies for enhanced functionality.
5. What role does natural language processing play in Intezer's system?
Intezer employs OpenAI APIs to analyze natural language in internal communications, which feeds directly into its system. This process helps in:
Identifying potential security concerns.
Improving overall alert analysis.
6. How many alerts escalate to critical status in organizations, according to Tevet?
According to Tevet, approximately 4% of an organization’s alerts escalate to critical status. This statistic highlights the importance of:
Identifying the root causes of alerts.
Prioritizing which alerts indicate serious breaches.
Efficiently investigating to avoid overwhelming security teams.
7. Can you provide an example of Intezer's effectiveness?
There are instances, such as in a major tech company and a large healthcare organization, where security teams initially dismissed what seemed to be low-risk alerts. However, Intezer was able to:
Reassess the situation.
Uncover threats linked to a Chinese state actor.
8. What challenges does Intezer face in the cybersecurity landscape?
As the cybersecurity landscape evolves, Intezer encounters ongoing challenges which include:
Increased competition as companies struggle with fundraising.
Strategic partnerships with notable security firms like Palo Alto Networks and CrowdStrike.
9. What is Intezer's strategy for future partnerships?
Intezer’s future partnership strategy remains open, with discussions about possible integrations ongoing. However, no significant partnerships have materialized yet, which highlights:
The potential for collaboration in the evolving cybersecurity market.
Challenges in forming strategic alliances.
10. How does Intezer enhance its response to escalating cyber threats?
Intezer enhances its response capabilities amid escalating cyber threats by:
Leveraging past research and funding to upgrade its technology.
Streamlining alert triaging processes to ensure timely responses.
Continuously evolving its platform to better respond to new security challenges.