Episode 79 – Autonomous Security Operations Centre (ASOC) platform – JASK’s application of AI & ML in the SOC




Cyber Security Weekly Podcast show

Summary: In this episode Chris Cubbage interviews Greg Fitzgerald, Chief Marketing Officer of JASK. Chris and Greg talk artificial intelligence, cloud, and big data in the company of planes, trains, and cutlery. It’s a great interview and, being in California, has some Hollywood-esque special effects.

JASK (https://jask.ai/) is the provider of the industry’s first Autonomous Security Operations Centre (ASOC) platform, designed to capture enterprise-wide alert linkages and create analyst workflow efficiency. The JASK Navigator, a visually-driven, contextually-rich investigation console, provides SOC analysts a one-click path to situational attack awareness, multi-asset data ingestion, query flexibility and analyst team workflow support.

JASK takes in data from any monitoring security tool to help analysts understand if there’s a compromise within their organisation. Using artificial intelligence and machine learning to prioritise the massive amounts of data, JASK reduces the volume, but not the importance, to improve efficiency and effectiveness of cyber security by making it all manageable for the human analyst. Enhancement to the platform allows two major elements, a one-click discovery of a compromise, where a signal can be an alert or a combination of alerts. Once the severity or ranking is done, JASK will create an ‘Insight’ for the SOC analyst to review. Applications can provide up to 40 per cent improvement in the reduction of alerts and, as the machine learns, JASK anticipates reaching 60 – 70 per cent.

JASK Navigator Console and Enhanced Team Workflow

JASK Navigator is an investigation console that equips analysts with an actionable view of JASK Insights. Investigations are streamlined and logical, offering SOC teams one-click access to better prioritised insights and faster paths to resolution. To further support enterprise analyst workflows, JASK is also developing team support via customisable workflow queues within the ASOC platform. This allows the creation of user groups or teams in order to assign the triage of JASK Insights. The enhanced workflows allow teams to adjust the Insights stage, providing visibility into the overall status of all assigned tasks. JASK also allows analysts to assign and visualise alerts from existing security solutions by user, team and status.

Since launching the platform in July 2017, JASK’s vision remains on delivering an asset-independent, open platform that enables an autonomous workflow of what, where, why and how analysts should take action. With its latest enhancements, the JASK ASOC platform improves visibility through unique mapping of data to records linked across devices, users, networks, applications and almost any third-party data source.

Off to a strong start in 2018, JASK doubled its customer base in the first quarter of 2018, adding enterprises spanning higher education, financial services, healthcare and retail. Additionally, the company continues to support existing security operations workflows through partnerships and specific integrations with leading solutions in cybersecurity, including Cylance, Demisto, Carbon Black, Microsoft Active Directory, Splunk and ArcSight, among many more.

Recorded at the NetEvents Global Press & Analyst Summit – Innovators in Cloud, IoT AI & Security, Dolce Hayes Mansion, San Jose, California, USA, 26 May 2018. #NetEvents18

For more information on the JASK ASOC platform, visit https://jask.ai/solutions/product/. Also check out the JASK at RSA 2018 (https://www.youtube.com/watch?v=j51uGlqtR94) video – loved the Tesla! For the full article - visit the