Verified Alerts are the Alerts that Matter: Operationally Efficient Cloud Breach Prevention
The reason why cloud threat detection is so difficult is for one reason – it requires expertise to make sense of vast amounts of disjointed data and alerts. There is too much data and alerts to sort though, aggregate, correlate, and determine if what is happening is a threat, a one-off, a mistake in employee […]
New Horizons in Cloud Security Part 2: Benchmarking and Novel Self-improving AI Framework for Maliciousness Classification Using Large Language Models
This blog was written by Amir Shachar, Director, AI and Research. As we saw in Part 1 of this blog series, New Horizons in Cloud Security, the new approach to leveraging large language models was outlined. In this blog, we will dive into the technical details. Logs as well as other telemetries (i.e. activity logs, […]
New Horizons in Cloud Security Part 1: Assembling LLMs to Discern Malicious Activities with “Integrated Learning”
This blog was written by Amir Shachar, Director, AI and Research. The digital landscape constantly evolves, increasing complexity to cloud security. In this dynamic environment, it’s becoming more and more challenging to pinpoint and assess the risks associated with cloud incidents, especially when the sequences in question straddle the line between malicious and benign intentions. […]
Unleashing the Power of Multiple AI Layers for Detecting Unknown Cybersecurity Threats
This blog is authored by Amir Shachar, Chief Data Scientist at Skyhawk Security. If you are reading this blog, you are probably wondering how to detect unknown unknowns in the realm of cybersecurity. The very nature of these unknown threats makes them difficult to detect using conventional security measures. However, by leveraging a platform that […]
Skyhawk Synthesis Security Platform mentioned in the 2023 Gartner® Emerging Tech: Security — Cloud Investigation and Response Automation Offers Transformation Opportunities
This post was written by Jennifer Gill, VP Product Marketing at Skyhawk. Skyhawk Security was recently mentioned in Gartner research, “Emerging Tech: Security – Cloud Investigation and Response Automation Offers Transformation Opportunities”, and we think that it really aligns with our vision and strategy. According to the Gartner report, “Cloud investigation and response automation is […]
The Science Behind our Security – Part 2: The Models
This post about models in cybersecurity was written by Jennifer Gill, VP Product Marketing at Skyhawk. In our first blog on the “Science Behind our Security”, we talked about the three pillars: Models, MBIs, and the Attack Sequence. In this blog, we will focus on the machine learning models. These models are a true differentiator […]
“Toxic Combinations” are Inadequate: A Case Study
Posture management has turned into an exercise in prioritization, but this hasn’t made us safer. This post was written by Chen Burshan, CEO of Skyhawk Security If a Tree Falls in the Forest… We all know the adage, “If a tree falls in the forest and nobody is there to hear it, does it make […]
Eliminate alert fatigue, prevent breaches, and protect your security team’s sanity. It can be done!!
Earlier this spring, the Google Cloud team talked about how AI can help organizations close the talent gap. AI and ML are great tools for any security team to use to help augment staffing issues while improving threat detection to prevent breaches. Skyhawk Security also leverages AI and ML in the Skyhawk Synthesis Security Platform […]
Next-Generation Threat Detection for Breach Prevention
Security companies are overwhelming security teams with cloud threat detection and response tools, but what does this really mean? What is cloud threat detection and response and what are the capabilities that security teams should look for in a cloud threat detection and response platform? This blog will go over the top capabilities for cloud […]
Three Reasons why SIEMs are not Enough
Security Information and Event Management (SIEM) tools are often used to detect threats. Rules are set up to monitor the environment and once a rule is violated, it triggers an alert. Security Operation Centers spend months configuring the rules to ensure that they are triggered only when malicious behavior is present. However, as you will […]