GenAI is an industry buzzword, widely applied for its cognitive capabilities. It relies on dataset crawling for model training and for responding to human queries, and is predominantly used by security analysts for investigation and analysis. GenAI models carry risks such as data poisoning, extraction attacks, and erroneous incident analysis decisions. Organizations must consider these risks during model training.
The technology empowers security operations with an automation-first, intelligence-driven, risk-based, threat-centric approach, ensuring swift incident response, threat containment, and insights into threat actors and their tactics. It also enhances information asset security preparedness.
A European postal operator wanted to improve its cybersecurity investigations. Infosys assisted by leveraging LLMs to provide context, attribution, and MITRE ATT&CK mapping for security alerts. As a result, analysts conduct advanced analysis and threat hunting to uncover unknown threats and enhance cybersecurity effectiveness.
Capturing all essential events during a major cyber incident is crucial for analysts to correlate and assess its impact accurately. In such situations, the volume of generated events may become unpredictable and increase significantly. Frequently, critical events may be missed during ingestion into the SIEM platform due to volume or events-per-second (EPS) based subscription limitations. To overcome such situations, data pipeline solutions collect, process, and route data (event logs), filtering out unnecessary data or aggregating data into more manageable chunks. This prevents the ingestion of duplicate and nonessential events into the SIEM platform.
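A minimal sketch of the reduction stage described above, added here as an example (it is not Infosys's or any vendor's pipeline code): it drops nonessential events, collapses duplicates within a time window into one counted record, and forwards high-severity events untouched. The event fields, severity labels, noise list and 60-second window are assumptions, and the sample events are constructed.

```python
# Assumed event schema (constructed): ts (epoch seconds), host, event_id, user, severity
NOISE_EVENT_IDS = {"heartbeat"}      # hypothetical nonessential event types
CRITICAL = {"high", "critical"}      # assumed severity labels that bypass reduction
WINDOW = 60                          # aggregation window in seconds (assumption)

def reduce_events(events, window=WINDOW):
    """Filter and aggregate events before SIEM ingestion; returns (forwarded, stats)."""
    forwarded, buckets = [], {}
    stats = {"in": 0, "dropped": 0, "out": 0}
    for ev in events:
        stats["in"] += 1
        if ev["severity"] in CRITICAL:
            # Critical events are never filtered or collapsed, so correlation
            # rules in the SIEM still see every one of them.
            forwarded.append(dict(ev, count=1, last_ts=ev["ts"]))
            continue
        if ev["event_id"] in NOISE_EVENT_IDS:
            stats["dropped"] += 1
            continue
        # Duplicates share host, event type, user and time window.
        key = (ev["host"], ev["event_id"], ev["user"], ev["ts"] // window)
        if key in buckets:
            buckets[key]["count"] += 1
            buckets[key]["last_ts"] = max(buckets[key]["last_ts"], ev["ts"])
        else:
            buckets[key] = dict(ev, count=1, last_ts=ev["ts"])
    forwarded.extend(buckets.values())
    forwarded.sort(key=lambda e: e["ts"])
    stats["out"] = len(forwarded)
    return forwarded, stats

def _ev(ts, event_id, severity, host="web01", user="alice"):
    return {"ts": ts, "host": host, "event_id": event_id,
            "user": user, "severity": severity}

# Constructed sample: a burst of failed logins, heartbeats, two critical alerts.
SAMPLE_EVENTS = (
    [_ev(t, "failed_login", "low") for t in (0, 10, 20, 30, 40)]
    + [_ev(t, "heartbeat", "info", user="-") for t in (5, 15, 25)]
    + [_ev(20, "malware_detected", "critical"), _ev(21, "malware_detected", "critical")]
    + [_ev(70, "failed_login", "low")]
)

if __name__ == "__main__":
    out, stats = reduce_events(SAMPLE_EVENTS)
    print(stats)
    for e in out:
        print(e["ts"], e["event_id"], e["severity"], "x", e["count"])
```

The aggregated record keeps the first timestamp, the last timestamp and a count, so an analyst can still see the size and duration of a burst after reduction.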
A US food processing company, in collaboration with Infosys, onboarded a data pipeline solution to optimize data ingestion into its SIEM platform, ensuring flexibility, scalability, and cost effectiveness. This reduced the firm's EPS subscription by 30%, without missing any critical correlation event.