COGNNA Adds AI Agents to SOC Platform
COGNNA today unveiled a security operations center (SOC) platform infused with artificial intelligence (AI) agents trained to detect, analyze and respond to threats in a way that promises to dramatically reduce alert fatigue.
Company CEO Ibrahim Alshamrani said COGNNA Nexus is based on an open-source foundational AI model that has been customized using cybersecurity threat data to create AI agents capable of automating specific tasks.
Previously, COGNNA used open source AI models to train machine learning algorithms. It is now also taking advantage of small language models created using an open source foundation to create multiple AI agents, which are then integrated with a single master agent through which cybersecurity teams can orchestrate the management of multiple tasks on an end-to-end basis, he added.
Each cybersecurity team will need to determine to what degree to rely on AI agents to automatically respond to threats, but at the very least, it is now possible to analyze massive amounts of threat data, said Alshamrani.
The overall goal is to reduce incident response times by enabling cybersecurity teams to be far more proactive, he noted.
That’s crucial in an era where cybercriminals are accessing many of the same AI technologies to launch more sophisticated attacks at unprecedented scale, added Alshamrani.
It’s not clear how quickly cybersecurity teams will be replacing existing SOC platforms with alternatives that have built-in AI capabilities, but it may now only be a matter of time. Too many IT teams today rely on a hodgepodge of tools and platforms that are not especially well integrated. That makes collecting the telemetry data needed to train AI models more problematic than it is for organizations that rely more on an integrated SOC platform.
Like it or not, cybersecurity organizations are now locked in an AI arms race with adversaries that have, in comparison, nearly unlimited resources. The only issue that remains to be determined at this point is to what degree cybersecurity teams will be centralizing the management of cybersecurity tools and platforms in the age of AI.
There is, of course, already no shortage of SOC platforms that have been infused with AI capabilities. COGNNA, however, uniquely provides cybersecurity teams with the option of invoking its platform as a service or in an on-premises IT environment, said Alshamrani.
Each organization will need to carefully evaluate the capabilities being provided today, with an eye toward advances being made, as reasoning engines built into LLMs become more robust in the months and years ahead.
It’s not likely AI technologies will eliminate the need for cybersecurity professionals any time soon, but the level of expertise required to succeed should decline as, for example, there is less need to learn a proprietary programming language to take advantage of a security orchestration, automation and response (SOAR) platform.
In the meantime, cybersecurity teams should be creating a list of the rote tasks that will soon be performed by AI agents, which should provide them with more time needed to combat threats that are only becoming more challenging to thwart with each passing day.