Trend Companion helps security analysts understand the meaning of alerts faster to better triage them, which is of critical importance in an environment where minutes matter.
Cybersecurity firm Trend Micro has launched their new generative AI tool, Trend Companion, designed for SOC analysts and CISO. Trend Companion is designed to reduce analyst time spent on manual risk assessments and threat investigations by driving streamlined workflows and enhanced productivity.“Trend Companion is an integrated chatbot within the Vision One platform, to help security analysts reduce the mean time to understand the alert so they can quickly triage it,” said Antoine Saikaley, Technical Director [Canada] at Trend Micro. “CISOs can also use it, logging in to ask specific questions.”
Saikaley provided more details about exactly how Trend Companion works.
“This is an entirely new feature part of the platform,” he said. “It closes the knowledge gap. Before a security analyst even looks at a workbench alert, once it is fed into the platform, we automatically use data models to generate high fidelity alerts with no false positives. We provide the data models automatically. From there, the system generates alerts for analysts, who set the thresholds to triage events. AI Companion comes in here in and helps the analyst understand how threats work. The analyst clicks on the Companion button and asks what the threat is doing. The analyst can also ask Trend Companion what a script is doing, and it will tell them.”
This process could potentially reduce time spent on manual risk assessments and threat investigations by 50% or more.
“It saves time, and that’s critical in these situations,” Saikaley said. “With all the ransomware threats out there today, it does not take much time to bring an organization to its knees. In one example I saw, it took 43 minutes – and that would be considered to be at the longer end of the time frame. So time is very important, especially as many companies now struggle to meet their deadlines for triaging.”
This type of Generative AI solution is no longer novel, but Saikaley believes that Trend has an advantage over its competition.
“AI is only as good as the data, being used,” he said. “We have a massive data lake with over six trillion threat queries. That makes us unique, in my opinion.” Using AI trained on this data, Trend blocked more than 146 billion threats, three billion of which were ransomware.
The AI models themselves are a combination of public and Trend’s own models.
“It is based on OpenAI’s GPT4 and the latest AI models, and is also in house as well,” Saikaley said. Concurrent with Trend Companion, Trend also announced today its latest evolution in generative AI, which integrates its global threat intelligence and millions of diverse sensor types.
Out of the gate, Trend Micro’s 13,000 Vision One customers already have access to Trend Companion.
“Eventually it will be a paid add-on, but right now, it is free,” Saikaley said. At some point in the future, that will change, and the customers will be properly notified.”
Saikaley also said this will be a big deal for Trend’s channel partners.
“It will help their customers increase efficiency,” he stated. “There will be less need to worry about the skillsets required because of the automation that this brings in.”