Intelligent chatbot helps boost endpoint security
It's vital to protect endpoints within the enterprise, but often the level of alerts generated by conventional solutions can prove overwhelming for security analysts.
Cyber security platform Endgame is introducing new features to simplify attack detection, threat hunting, and response, including the use of an intelligent chatbot.
Called Artemis, the bot employs natural language understanding (NLU) to allow users of any skill level to ask simple yet powerful questions and receive the definitive answers required to stop targeted attacks before data theft or damage occurs.
Endgame's NLU engine combines machine learning with security domain expertise to identify analyst intent and guide user workflow. As a result, users don't need to learn the complex and proprietary syntax of multiple point products. Analysts can, for example, ask: 'Are we being attacked by WannaCry?' or 'Have we prevented WannaCry everywhere?'
Other features include Endgame ThreatFlow to close enterprise blind spots by augmenting endpoint data with network flow information to identify malicious intent such as command-and-control and exfiltration attempts. A MalwareScore module can prevent malicious module loads, and enhanced behavior-based macro and exploit prevention stops spear phishing and drive-by downloads, the most common delivery method for ransomware, malwareless, and in-memory attacks.
You can find out more about Artemis on the Endgame blog, and there's a video comment from customer Texas A&M University below.