If you’re anywhere in the technology field these days, you cannot turn a corner without hearing about artificial intelligence (AI), especially tools like OpenAI, ChatGPT, Google Bard, and more. Cybersecurity is no different. Chief information security officers (CISOs) and other leaders are looking to leverage AI to bolster their programs and mitigate risks while vendors are rushing to integrate AI into their platforms.
Trend Micro, a vendor on the Acceleration Economy Cybersecurity Top 10 Shortlist, is an organization leading the charge. It recently announced the release of its Vision One platform, which brings together capabilities such as extended detection and response (XDR), attack surface risk management (ASRM), and zero trust, all powered by AI. In this analysis, I’ll take a close look at Trend Micro’s new offering, with a spotlight on its AI assistant, Companion.
An AI Assistant
Trend Micro empowers customers by including an AI assistant, Companion, in the Vision One platform. The AI assistant can accelerate workflows for security operations center (SOC) teams; manage the never-ending barrage of alerts and notifications; and identify anomalous behavior in the massive amounts of security logs that organizations are collecting. Companion helps free up chief information officers (CIOs) and CISOs so that they can tackle more strategic activities tied to business value and revenue generation or protection.
Companion’s Use Cases
Trend Micro provides several use cases and examples of Companion in action. These include activities such as contextualizing threat intelligence and forming an understanding of your attack surface to quickly explain multi-step attacks that traditionally would have taken several hours for an analyst to manually string together. I performed these activities earlier in my career; they are incredibly tedious and time-consuming, and they kept me from focusing on strategic business and security initiatives.
Another notable example is the platform’s potential contributions to threat hunting, where organizations are looking for specific tactics, techniques, and procedures (TTPs) or indicators of compromise (IOCs) from malicious actors across their complex environments. Traditionally, practitioners manually looked across environments, logs, and system data to identify behaviors matching specific patterns. Now, with the power of AI and context-rich search queries on top of the unified Trend Micro Vision One platform, these behaviors can be quickly identified, bringing together telemetry from the myriad of security tools that organizations are juggling.
Lastly, Companion can understand complex scripts, which malicious actors often use to both penetrate and persist in victim environments. Traditionally, practitioners would need to manually review these scripts to identify what the malicious actors are doing. Now, with the power of Vision One’s Companion, organizations can autonomously investigate these scripts and quickly get plain-language feedback from the AI assistant on what the script is doing and how it is being used by the attackers.
The Challenge of Tool Sprawl
With its Vision One platform, Trend Micro looks to address a longstanding industry challenge: tool sprawl. Helping practitioners manage their security tooling is an incredibly important goal. According to findings from Ponemon, the average organization is juggling more than 40 different security tools. This is leading to cognitive overload on security teams and arguably creating more risk than it mitigates, as security practitioners spend more time managing their cybersecurity portfolio than addressing the risks identified by the tools.
Conclusion
Trend Micro’s Vision One platform provides a perfect example of the power of AI when it comes to cybersecurity use cases. It helps organizations tackle the complex modern attack surface and maximize the efficiency of their scarce security resources to mitigate organizational risks. It will be exciting to watch the platform, as well as others like it, continue to grow.