Elevate the maturity of your threat hunting teams to Level 4

Level 4 threat hunting is typically defined in various frameworks as data-science-based automation. PatternEx’s Virtual Analyst Platform (VAP) automates data science and increases the maturity of threat hunting teams. At the core of the Virtual Analyst Platform is an easy-to-use and powerful AI architecture built for analysts to quickly create, modify, and test AI threat detection models, all without coding or requiring data science expertise. Watch our latest on-demand webinar to learn more.

Automate Threat Hunting


Detect 10x More Threats


Reduce SIEM Alerts Immediately


“In my experience, today’s security analytics fail to detect advanced, targeted attacks. What is needed is something built from the ground up to detect threats that traverse multiple tactics and entities over long time horizons. PatternEx’s concept of ‘virtual analysts’ does exactly that, and has helped improve our SOC efficiency.”

– Thomas Whang, Impelix


How We Do It

The PatternEx Virtual Analyst Platform ingests data and then outputs an actionable classification of threats. The main components include:

AI Pipelines: The pipelines use big data architecture for behavior modeling of users, hosts, applications, and other entities. The AI classifies events as benign, malicious, or suspicious with a given confidence level. Analysts can choose to label the analysis to improve the AI automation.

Predictive and Automated Correlation Engine: This engine “connects the dots” and creates an attack story for current and anticipated attacks based on relationships amongst system, network, data, and/or user behaviors.

Customized Analytics and Transfer Learning Engine: This component enables the system to get smarter with analyst inputs. Transfer learning makes it possible to share AI threat detection models without sharing confidential data.

AutoCorrelate™

The AutoCorrelate engine reduces the time it takes to do an IR investigation or threat hunting task by 20x.

Through automatic relationship discovery across all entities (user, URL, IP, etc.), an intuitive graph is shown along with suggested threats and anticipated threats.

 


Advanced Threat Hunting and Security Analytics

PatternEx Virtual Analyst Platform (VAP) accelerates threat hunting with automated AI so your team can:

  • Build AI models without coding and without data science expertise
  • Convert successful hunts into AI models for Level 1 analysts to run as part of your playbook
  • Share AI models among your team, allowing other analysts to use and modify them as needed
  • Run advanced data science notebook analysis for deeper data science tweaking or to create custom features for AI models

Scalable and Easy to Use

You have terabytes or petabytes of data. No problem: the system can scale easily to process data in real time or via batch logs. But you don’t want to spend hours supporting, tooling, and tweaking an AI system. Again, no problem: PatternEx works out of the box and automatically gets smarter over time.


On-Demand Webinar:

AI Enabled Threat Hunting: Automation Through Auto Correlation

Watch Dr. Mei Lam, PatternEx data scientist, discuss AI best practices to make it easier to find correlated security events (and anticipate threats) without writing rules.
