The Problem This Solution Solves
While SIEM and SOAR modernization will be a giant leap forward in streamlining and automating a multitude of operator tasks, a large gap will still exist in how fast the operators can respond to new threats and relate them to ongoing event alerts.
The DoD seeks an innovative commercial solution that can harness the power of AI/ML to drastically reduce the time it takes for cyber operators to address malicious activity on the DODIN by acting as a “virtual tier one operator.” The solution should be aimed at automating some of the triage, analytical, and investigative work that makes up the bulk of an analyst’s workload.
The Solution
Mandiant Automated Defense (formerly Respond Software’s Respond Analyst) eliminates the human bias or fatigue that comes with monitoring security alerts and maximizes the effectiveness of security teams by freeing analysts for threat hunting and other security-related activities. Automated Defense features decision automation software pre-built with the reasoning and decision-making skills needed to tackle the complexity and high volume of data facing security teams today. In addition, it automates the analysis and triage of security data at machine speed with depth and consistency. Its proprietary intelligent decision engine provides built-in reasoning and judgment to make better decisions faster. Automated Defense evaluates the event data stream in real time from an organization’s existing security detection sensors and learns about its security infrastructure and network context. Using the latest advancements in artificial intelligence, machine learning, modern streaming architectures and unique Integrated Reasoning™, Automated Defense acts autonomously, without a heavy system management burden, security engineering or long learning cycles.