New Technology Scales Human Analyst Capabilities for More Effective Threat Detection Than SIEM or Current AI Tools; Reduces Chance of a Missed Breach by More Than 10X
MOUNTAIN VIEW, Calif. – February 1, 2017 – LogicHub today announced its emergence from stealth, an $8.4 million Series A funding round led by Storm Ventures and Nexus Venture Partners, and a new approach to threat detection that scales human security intelligence through automation, reducing the chance of a missed breach by more than 10X.
In today’s hostile security environment, corporate breaches go undiscovered for an average of 146 days, largely due to the fact that companies are over-reliant on SIEMs and other traditional tools. Nascent artificial intelligence (AI) solutions can’t yet solve for the gaps left by SIEMs and organizations are further hampered by extreme cybersecurity talent shortages. In fact, it’s estimated that there are currently more than 1 million cybersecurity positions unfilled.
Previously, companies failed to successfully apply automation to security because it takes these tools weeks or months to automate the same amount of work that analysts intuitively do every day. Also, new AI security solutions are still in their infancy and unproven at effectively combatting today’s threat landscape.
In response to the problems created by traditional tools, by attempts at automation through pure AI and by personnel shortages, LogicHub is developing the first software that automates human knowledge and expertise with the help of machine learning. With this innovative approach, the company is closing the gap that SIEMs can’t fill, keeping human intelligence at the core of its automation solution, and addressing talent shortages by multiplying the power of every cyber analyst tenfold.
LogicHub was cofounded by Chief Executive Officer Kumar Saurabh and Chief Product Officer Monica Jain. Together, they bring multiple years of security and technology industry experience to the company. As cofounder of Sumo Logic and an early engineer at ArcSight, where he spent nearly a decade leading the team behind the ArcSight correlation engine, Saurabh deeply understands the need for a more sophisticated approach to address advanced persistent threats. Having managed the ArcSight flagship product Enterprise Security Manager (ESM) at HP, Jain has intimate knowledge of the insufficiencies of SIEM solutions when it comes to combating today’s cyber threats.
“If the headlines are teaching us anything at all, it’s that in spite of massive amounts of security events being collected every day, current rule- and search-based SIEMs and pure AI solutions are failing to detect a significant portion of security threats,” said Kumar Saurabh, cofounder and CEO, LogicHub. “At the end of the day, experienced cyber analysts are much better at detecting threats and triaging false alarms than the security tools available, but given the magnitude of the challenge, most teams can only inspect a tiny fraction of all security events collected in-depth. To combat this, LogicHub has found a way to capture and automate the knowledge and expertise of the most skilled cyber analysts, which results in much deeper threat detection.”
By using LogicHub’s human automation software, any new employee or junior-level analyst gains unhindered access to the security brain trust of the organization, thereby becoming as capable as the most advanced team members. With a knowledge base that is easy to search, use and share, organizations can quickly overcome challenges caused by security talent shortages. Additionally, if a security analyst departs an organization, their tribal knowledge stays within the company, rather than becoming lost or unusable.
“Security analysts are challenged daily by an overwhelming number of threat events that need to be assessed and prioritized. There's a significant gap between simply identifying a threat and actually prioritizing and remediating that threat effectively,” said Tom Austin, Research VP, Security Products, IDC. “LogicHub's new approach to threat detection uses threat ranking to help security analysts identify the most critical anomalies and quickly take action. The automation of prioritizing threat identification and response can significantly improve the efficacy of security operations and work to minimize exposure to risk.”