Rubrik extends Microsoft collaboration around Sentinel to Azure OpenAI Service to add Generative AI to cyber recovery

The new collaboration will not be sold separately, but will be rolled into the existing offering around Rubrik and Microsoft Sentinel, meaning that partners will not have a new product to sell, but will have something new to show cutting edge capability to customers.

Cloud data management and data security vendor Rubrik has announced an extension of its partnership with Microsoft, specifically around Microsoft Sentinel. The new collaboration will integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service. The addition of the Generative AI capability will offer what the companies are terming a truly actionable use of AI to reduce the time required to investigate and determine responses to cyber events.

Microsoft is an investor in Rubrik, investing a relatively small amount in them in 2021, and the two companies launched a strategic partnership in 2022 between Rubrik and Microsoft Sentinel. Yesterday, Rubrik just won Microsoft’s Partner of the Year award.

“All of our partnership and the investment that was part of it, stemmed from the same origins,” said Anneka Gupta, Rubrik’s Chief Product Officer. “We were both helping customers who wanted to store their data in the cloud. Many of our customers were on the Azure platform. Both ourselves and Microsoft noted that we had a growing list of customers, and there was probably more that we can do together, in what would be a better together story.  It was really all about where we can build joint products with Microsoft. We launched Rubrik Cloud Vault in early 2022 enabling cybervaulting for business, and today that is only for Azure.”

Rubrik can provide time series data insights directly into Microsoft Sentinel, to let customers address evolving cyber threats and safeguard their most sensitive information.

“This partnership extends the Sentinel integration and lays in the power of Generative AI to respond to a cyber event,” Gupta said. “This will augment humans, not replace them.”

The platform is designed to automatically create a recommended task workstream in Microsoft Sentinel created by Rubrik by leveraging large language models and generative AI through OpenAI.

Anneka Gupta, Rubrik’s CPO

“Using OpenAI deals with a lot of things you have to consider,” Gupta stated. “Where is the model being hosted – a third party, or somewhere you can control the environment. In enterprises it matters. The nice thing with Azure OpenAI is they are building that readiness and the issue is how do you tweak and build these for use cases and give customers choice. Transparency is a key part of it and Microsoft has done a good job there.”

Gupta acknowledged that Generative AI is still in its initial stages.

“It’s all extremely early right now, and we haven’t figured everything out,” she said. “It’s not the end game. It’s the start, where we can automate a lot of steps that are manual and recommend next steps to solve that. It doesn’t automate away everything around cyber recovery, but it simplifies the steps. Over time, it will cut time needed on steps by  weeks instead of by hours. Even with ChatGPT, many problems have been solved quicker than anyone could have imagined.”

Rubrik’s ability to provide time series data insights directly into Microsoft Sentinel enables organizations to address evolving cyber threats and safeguard their most sensitive information. The integration will empower security and IT teams to  streamline Incident Creation to help incident response teams prioritize alerts, by automatically creating an incident in Sentinel based on anomalous activity within Rubrik Security Cloud. It then automates the recommended task workstream by suggesting incident response, and accelerates Cyber Recovery by dynamically generating code for investigating the incident in Microsoft Sentinel.

“The key message in Large Language Modelling [LLM] is all about productivity gains for your customers,” Gupta said. “How do you reduce steps that a human would have to take to do the same work? We can use LLM for both broad and specific use cases, since Microsoft is experts on how to generate LLMs with the right quality of information.”

The new offering is not something that will be sold as a service on its own.

“We aren’t separately monetizing it,” Gupta said. “To use this, you have to be a customer of Rubrik and Sentinel. When I talk to partners, it won’t directly lead to more dollars for them. But they all want to be able to talk about cutting edge technology and showcase that they are on the forefront. It will showcase the way we are innovating. It can also be configured and set up on Sentinel today.”

Gupta said to look for more of these types of partnerships from Rubrik.

“Beyond Microsoft, we are investing a lot in security integrations in the ecosystems,” she noted. “What the channel should expect is many more of these going forward, like a partnering deal we announced with Zscaler a month ago.”