
Page 1: AUTONOMOUS INVESTIGATION - BIS-Expert · Solving the most impactful and complex SOC challenges: • Threat detection, investigation, hunting, triage, IR AI-based Autonomous Investigation™

©2019 Cyber SecBI, All Rights Reserved.

Disruptive Cybersecurity AI Technology

Arie Fred

VP, Product Management

September 2019

AUTONOMOUS INVESTIGATION™

Page 2: SecBI Profile

Making detection and response quick, accurate and simple

• AI-based Autonomous Investigation™ technology mimicking an expert analyst at machine speed
• A unique SW-based approach to network traffic analysis
• Sector-agnostic customers including Fortune 500 and Global Enterprises
• Offices: Tel Aviv (Global HQ) and North America
• Main investors: JVP, Orange and CI

Page 3: Advanced Threats – Complex Challenges

[Slide diagram. Panel titles: Full Scope Detection & Response; Accelerated breach response; Forensics and compliance enabler; Automated Threat Hunting. Challenges listed on the slide:]

• Attacks hidden as benign activity bypass prevention systems
• Sporadic anomalies
• Security analyst gap
• False positives / alert fatigue
• Partial remediation
• Missing stealthy IOCs
• “Noisy” detection
• Long, complex, expert “hunting”
• Undetected threats
• Long dwell time
• Successful breaches and damage

Page 4: Platform Description

[Architecture diagram. Recoverable labels:]

• Data Collection from: Roaming User, Branch Office, Corporate Office, BYOD User, IoT
• Diagram labels: Web, Mail, EPP, AD, TI
• Cluster-wide Analytics; Machine Learning; Threat Intelligence Enhancement
• Full Scope Detection; Investigation; Response
• Threat Hunting; Breach Response
• Playbooks & Workflows; Remediation; Prevention; Integration; Realtime Activation
• Configuration & Management; Reporting (ADMIN)

Page 5: Out-of-the-box SOC Integration

• SIEM/SOAR, Case Management
• Endpoint
• Infrastructure & Tools
• Customizable playbook library; API, syslog streaming, file transfer
• Software-based, agent-less, VM or cloud
• Network and email

Page 6: Technology: Autonomous Investigation™

1. Unsupervised Machine Learning over 10x billions of logs (benign activity & malicious activities & false positives)
2. Cluster-wide detection: alerts on suspicious events
   • Exfiltration: users, downloader, C&C
   • Cryptojacking: devices, fileless, mining pool
3. Enrichment

Page 7: The Ultimate Hunting Tool

Hunting Hypothesis: Several (unknown) devices, infected with (unknown) malware, beaconing to (unknown) destinations, with no apparent frequency; they might be exfiltrating (an unknown amount of) data; they might be using (an unknown) client that is usually not found on the (unknown) user’s (unknown) device, which started by an infection since (unknown) days/weeks/months.

• Days to develop
• Hours to run
• Hours to review

vs

• Seconds to query
• Seconds to run
• Minutes to review

[Comparison diagram labels: Billions of Logs; Thousands of Fields; Domain Expertise; Behaviors; Features; Days vs Minutes]

Page 8: Mimic an Expert Analyst at Machine Speed

A new level of SOC automation

Making detection and response quick, accurate and simple

Solving the most impactful and complex SOC challenges:

• Threat detection, investigation, hunting, triage, IR

AI-based Autonomous Investigation™ technology

• Groups all incident data regardless of patterns
• Reconstructs complete activities
• Detects malicious activity on a complete dataset

Unique Process of Hunting -> Detection -> Response

Page 9: THANK YOU

Stop Chasing Anomalies and Alerts. Automate threat detection & response.

www.secbi.com

Please contact: [email protected]