Simbian Advances Threat Hunting Using Microsoft Sentinel data lake

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Simbian®, building Superintelligence for Accelerated Security, today launched its AI Threat Hunt Agent which integrates with the Microsoft Sentinel data lake. This announcement enables Microsoft 365 E5 customers to accelerate and scale their organizations’ threat hunting capabilities. Simbian’s AI SOC Agent has also been extended to leverage the vast security data available in Microsoft Sentinel data lake.

Simbian advances threat hunting using Microsoft Sentinel data lake, delivering on Simbian’s vision of Superintelligence for Accelerated Security.

Share

Simbian’s AI Threat Hunt Agent automates the process of validating threat hunt hypotheses using AI. With Simbian, threat hunters use natural language to identify the techniques and tools that threat actors may be using and roughly where in the organization they are operating. The AI Threat Hunt Agent queries the organization’s security data across different tools to find evidence supporting the hypothesis, then deeply investigates to confirm if there is a chain of malicious activity, giving analysts timely feedback. Simbian is the first and only threat hunt solution that automates validation of threat hunt hypotheses at scale across an enterprise.

Microsoft Sentinel data lake together with Simbian solves key challenges in threat hunting. With Sentinel data lake, Simbian can reason across months of diverse logs from throughout the enterprise to identify long running threats or discreetly execute investigations. Simbian’s AI SOC Agent has also been enhanced to use Microsoft Sentinel data lake to deeply investigate and respond to security alerts from all major alert sources including SIEMs and EDRs. Integration with Microsoft Sentinel data lake extends Simbian’s current Microsoft Sentinel integration to include Sentinel data lake, a cloud-native security data lake that allows organizations to ingest, store, and analyze large volumes of diverse security data at scale in a single, open-format, extensible platform.

“Sentinel data lake delivers on Microsoft’s vision of being the best security platform for security in the AI era,” said Krishna Kumar Parthasarathy, Corporate Vice President, Microsoft Sentinel Platform. “We are excited to have partners like Simbian demonstrating the power of this platform and show a path towards more autonomous security capabilities.”

“Simbian is honored to work with Microsoft to take advantage of the wide breadth of data provided by Sentinel data lake and provide autonomous solutions for our mutual customers’ pain points in threat hunting,” said Ambuj Kumar, Simbian Co-founder and CEO. “By automating the mechanical and reasoning aspects of threat hunting across large volumes of data from Sentinel data lake, customers can hunt broader and deeper to uncover threats that matter and focus on the creative side of threat hunting.”

The new Simbian AI Threat Hunting Agent in coordination with the previously released Simbian AI SOC Agent completes the lifecycle of threat hunting, providing the foundation of Superintelligence for Accelerated Security. Threat hunters formulate hypotheses informed by security context gathered by Simbian, then validate those hypotheses with Simbian’s AI Threat Hunt Agent. Simbian’s AI SOC Agent is used to investigate and respond to threat hunt findings.

Availability

Simbian’s AI Threat Hunt Agent is now available in private preview. Contact Simbian to participate at https://simbian.ai/contact-us. Simbian’s AI SOC Agent and Context Lake are both generally available.

About Simbian

Simbian, building Superintelligence for Accelerated Security, offers AI Agents that work like virtual employees and autonomously complete a variety of security tasks with precision and efficiency. The company is venture backed and headquartered in Mountain View, Calif. For more information, visit www.simbian.ai.

Simbian is a registered trademark of Simbian.