Trend Micro Brings Generative AI to XDR Platform
Trend Micro Inc. today launched a revamped extended detection and response (XDR) platform that leverages Microsoft’s generative artificial intelligence (AI) capabilities to make it simpler for cybersecurity analysts to use a Companion conversational interface to launch queries.
Lori Smith, director of product marketing for Trend Micro, said the Trend Vision One platform will be infused with additional AI capabilities enabled by large language models (LLMs) the company will add over the next several quarters to address the unique requirements of cybersecurity. Those LLMs will eventually supersede the need for the Microsoft generative AI service, which is based on the GPT 3.5 version of OpenAI’s AI platform, she added.
Trend Micro is also ensuring visibility into how each model handles any corporate data that is collected and that controls and isolation mechanisms are implemented to prevent the mixing of Trend LLMs with customer data.
The Trend Vision One platform provides cybersecurity teams with a range of sensors to collect data from email systems and cloud computing environments, network servers and internet-of-things (IoT) environments.
Companion makes it simpler to query the data collected from those sensors by automatically converting natural language search queries into a formal search syntax to launch queries. Explanations of event alerts, attacker scripts and command lines, along with mitigation recommendations, are then surfaced in plain language.
In addition to improving the productivity of security analysts, that approach will make the Trend Vision One platform more accessible to a wider range of cybersecurity professionals of varying skill levels, noted Smith.
Companion also reduces the alert fatigue that today conspires to increase turnover rates among cybersecurity teams that become burnt out over time, she added.
Cybersecurity teams, whether they realize it or not, are now locked in an AI arms race with cybercriminals who are undoubtedly leveraging generative AI to launch cyberattacks faster. Generative AI isn’t necessarily going to make those attacks more sophisticated, but they are likely to be launched in greater volume and become more targeted using insights surfaced by platforms such as ChatGPT.
As a result, the generative AI capabilities needed to combat those attacks will soon become table stakes for any cybersecurity platform, noted Smith. The most valuable asset any cybersecurity team has is time, so tools that enable cybersecurity teams to be more productive are going to be indispensable, she added.
It’s still early days as far as the usage of generative AI is concerned, but it’s not likely the need for cybersecurity professionals will be entirely eliminated. However, as cybersecurity teams become more productive, the number of open cybersecurity positions that need to be filled may be reduced.
In the meantime, cybersecurity teams should expect much of the toil currently required to secure IT environments to be sharply reduced as more AI advances are made. The challenge is redefining the roles within these cybersecurity team as it becomes more apparent which tasks are about to become automated.
