Open Systems Launches MXDR Service Leveraging Microsoft AI
Open Systems this week launched a managed extended detection and response (MXDR) service for Microsoft environments that leverages generative artificial intelligence (AI) to augment a team of external cybersecurity professionals running a global network of security operations centers (SOCs).
Tom Corn, chief product officer for Open Systems, said the Ontinue ION service is designed to provide organizations with access to a cybersecurity team capable of managing security operations on a 24/7 basis. The service is based on a platform gained with the acquisition of Tiberium late last year. Tiberium developed a managed detection and response solution based on Microsoft Teams that leverages the Microsoft Power Platform to create a cybersecurity platform that is augmented by OpenAI, a generative AI platform based on large language models in which Microsoft has pledged to invest $10 billion.
Open Systems is using that AI platform specifically to identify areas where its own teams could be more efficient, noted Corn. The company has also created a specific Ontinue division to deliver its MXDR service alongside a portfolio of other managed IT services already being provided.
MXDR services have emerged as an alternative to traditional managed security service providers (MSSPs) that historically have only monitored IT environments, noted Corn. The challenge with those approaches is that, for the most part, MSSPs only generate alerts when there is a potential issue, he noted.
In contrast, an MXDR service provides a more proactive approach. The Ontinue ION service, for example, includes an optional Managed Vulnerability Mitigation (MVM) offering that leverages Microsoft Defender for Endpoint (MDE) software and threat intelligence data to continuously identify vulnerabilities that represent the greatest risk to a specific Microsoft environment, said Corn.
The Ontinue ION service can either replace or augment existing cybersecurity teams at a time when most organizations continue to find it difficult to hire and retain cybersecurity talent, noted Corn. Most organizations today are coming to terms with the need to rely more on external cybersecurity expertise. While some may opt to outsource cybersecurity operations entirely, others are trying to strike a balance by co-managing services in a way that fosters collaboration between internal IT teams and external service providers.
Regardless of approach, the need to manage cybersecurity more proactively has never been more apparent as both the volume and sophistication of attacks increase. It’s generally expected cybercriminals will soon be leverage generative pretrained transformer models, such as the one developed by OpenAI, to launch malware and phishing attacks that will be more difficult to detect. Like it or not, cybersecurity teams are now locked in an AI arms race with cybercriminals. The decision that needs to be made is how much to rely on external service providers for AI capabilities versus trying to augment their cybersecurity teams with AI capabilities themselves. The cost of acquiring AI capabilities, however, tends to favor relying more on an external service provider that has the resources needed to train AI models.
It’s not clear whether MXDR services will be adopted in place of more traditional managed services. But as cybersecurity challenges increase in complexity, most organizations will undoubtedly need to reevaluate their current approaches to securing their IT environments.
