最后更新于2024年6月14日星期五14:16:08 GMT
在不断发展的网络安全领域, 在威胁面前保持领先不仅是一个目标,而且是一种必要. At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate. 几十年来,我们一直在利用人工智能技术, establishing patented models to better and more efficiently solve customer challenges. Furthering this endeavor, we’re excited to announce we’ve extended the Rapid7 AI引擎 to include new Generative AI capabilities being used by our internal SOC teams, 改变我们提供MDR服务的方式.
一种深思熟虑的人工智能模型部署方法
At Rapid7, one of our core philosophical beliefs is that vendors - like ourselves - should not lean on customers to tune our models. 我们部署人工智能模型的方法展示了这一信念, with a process that entails initially releasing them to our internal SOC teams to be trained and battle-tested before being released to customers via in-product experiences.
Another core pillar of our AI development principles is that human supervision is essential and can’t be completely removed from the process. 我们全心全意地相信我们模型的功效, 但现实是,人工智能也难免会犯错. At Rapid7, we have the advantage of working in lockstep with one of the world's leading SOC teams. With a continuous feedback loop in place between our frontline analysts and our AI and data science team, 我们一直在微调我们的模型, and MDR customers benefit from knowing our teams are validating any AI-generated output for accuracy.
Intelligent Threat Detection and Continuous Alert Triage Validation
The first line of defense in any cybersecurity strategy is the ability to detect threats accurately and efficiently. The Rapid7 AI引擎 leverages the massive volume of high-fidelity risk and threat data to enhance alert triage by accurately distinguishing between malicious and benign alerts, ensuring analysts can focus on only the alerts that are truly malicious. The engine has also been extended to include a combination of both traditional machine learning (ML) and Generative AI models to ensure new security alerts are accurately labeled as malicious or benign. 这项工作提高了信噪比, thereby enabling Rapid7 analysts to spend more time investigating the security signals that matter to our customers.
介绍我们的人工智能SOC助手
Generative AI is not just a tool; it's a game-changer for SOC efficiency. Our AI-native SOC assistant empowers MDR analysts to quickly respond to security threats and proactively mitigate risks on behalf of our customers. Because we fundamentally believe AI should be trained by the knowledge of our teams and vetted processes, 我们的SOC助理利用我们庞大的内部知识库. Sources like the Rapid7 MDR Handbook - a resource amassed over decades of experience cultivated by our elite SOC team - enable the assistant to guide analysts through complex investigations and streamline response workflows, 让我们的分析师领先一步.
Rapid7 is further using generative AI to carefully automate the drafting of security reports for SOC analysts, 通常是一个手动且耗时的过程. 超过11个,全球5000家客户, Rapid7 SOC每个月都会对大量的活动进行分类, with summaries that are critical for keeping customers fully updated on what’s happening in their environment and actions performed on their behalf. 而人工智能是简化报告构建和交付的关键工具, 生成的每个报告 Rapid7 AI引擎 是由我们的SOC团队增强的吗, 确保每个数据点都是准确的和可操作的. 除了提供专家指导之外, the AI assistant also has the ability to automatically generate incident reports once investigations are closed out, streamlining the process and ensuring we can communicate updates with customers in a timely manner.
安全AI/ML应用程序开发的推动者
我们知道,在开发生成式人工智能解决方案方面,我们并不孤单, and as such we’re also focused on delivering capabilities that allow our customers to implement and adhere to AI/ML development best practices. We continue to expand our support for Generative AI services from major cloud service providers (CSPs), 包括AWS Bedrock, Azure OpenAI服务和GCP Vertex. These services can be continuously audited against best practices outlined in the Rapid7 AI/ML Security Best Practices compliance pack, which includes the mitigations outlined in the OWASP Top 10 for ML and large language models (LLMs). 我们的持续审核过程, 由InsightCloudSec的分层上下文丰富, 提供了与人工智能相关的云风险的全面视图, 确保客户的人工智能资产是安全的.
MDR服务的未来由人工智能驱动
The integration of Generative AI into the 了解平台 is not just about helping our teams keep pace - it's about setting the pace. 具有无与伦比的可扩展性和适应性, Rapid7 is committed to maintaining a competitive edge in the market, particularly as it relates to leveraging AI to transform security operations. Our focus on operational efficiencies, cost reduction, and improved quality of service is unwavering. We're not just responding to the changing threat landscape – we're reshaping it.
MDR服务的未来就在这里,它是由 Rapid7 AI引擎.
