FINAL WORD
Bitsight stresses the importance of anticipating attacks rather than reacting to it where possible. How is BitSight helping organisations to make that transition from reactive to proactive defence?
We are providing two mechanisms that maintain a proactive defence – passive and active actions.
Passive is everything from sending reports that we are generating through APIs and sending alerts and notifications to different stakeholders on bad things that are happening.
On the active side, we have the ability to integrate different tools that you have in your SOC and trigger workflows automatically once we find a strong indication of an incident.
What role does automation play in Bitsight’ s solutions?
We use AI and automation in a lot of ways. However, one significant way is for the prioritsation of incidents and actionability. Our solutions compile a vast amount of data which we do not want to overload onto our clients. Therefore, AI helps prioritise the most important suspicious activities. For example, if the CEO has a lot of important data on his computer, versus an old computer sitting in a lab not doing anything, we know that and we can prioritise one over the other, triggering an action. Using AI and different AI agents to provide the real context of a specific compromised endpoint is important information that we are providing to our customers today.
How are you ensuring that your product is scalable across complex environments?
This allows our solutions to be as pre-emptive and proactive as possible.
Currently, we are covering more than 4 billion IP addresses, about 500 million domains, we monitor
www. intelligentcio. com INTELLIGENTCIO EUROPE 77