CyCraft Technology announced today (4.20) that they have launched the new AI-based cybersecurity threat management platform called “XCockpit”. This new platform is built under the concept of AI-Assistant-as-a-Service, integrates internal and external threat monitoring, and solves the problems of manpower shortage and difficulties of quantizing the operation efficiency of enterprises’ SOC teams which is the most critical issue for CISOs.
XCockpit follows the concept of AI-Assistant-as-a-Service and integrates internal/external threat detection and monitoring for enterprises, helping Chief Information Security Officers (CISOs) to solve the severe issue of manpower shortage and team operation inefficiency. Through the patent AI technology of XCockpit, enterprises could improve their incident response processes and investigation performances while strengthening their cybersecurity resilience.
XCockpit integrates three major cybersecurity scenarios to create an intuitive and highly readable dashboard.
XCockpit combines the three major functions that are most important for enterprises’ cybersecurity — endpoint detection and response (EDR), identity detection and response (ITDR), and external attack surface management (EASM). Through the exclusive AI technology, CyCraft’s XCockpit platform automatically helps enterprises on:
- Deeply investigate cybersecurity incidents and their correlated alerts
- Generate root cause reports, visualized storyline, and contextual incident abstract
- Consolidate alerted events into incident tickets via its incident management system
- Quantize the progress into key operation indicators such as MTTI, MTTD, and MTTA
- Score the comprehensive risk level for EDR, ITDR, and EASM
It’s worth mentioning that XCockpit’s innovative incident management system would lead to significant speed up on the SOC team process. Tier-1 members of a SOC team could triage the incidents immediately once XCockpit consolidates correlated alerts into an incident ticket and automatically provides investigated detailed information, thus constructing a total-automatically process for incident response. XCockpit aims to raise the accuracy and speed of incident response and addresses the most pressing concerns of CISOs regarding insufficient performance and manpower shortages.
XCockpit investigates root causes of incidents and incorporates LLM to automatically generate forensic summaries, assisting analysts in quickly understanding the case.
Whenever talking about the operation of enterprises’ cybersecurity teams, the Mean Time to Detect (MTTD) and Mean Time to Investigate (MTTI) absolutely play the role as the key indicators. In the past, enterprises relied on investing in high manpower costs to reduce MTTD and MTTI. With the AI automated process of XCockpit, not only can issue processing be accelerated, but CISOs can also view these key indicators, investigating progress, and comprehensive risk scores of enterprises’ cyber landscapes at any time to ensure that the security team operates at peak efficiency.
Although Large Language Models (LLMs) such as GPT and BERT have made apparent improvement in other fields these years, it has been difficult for them to be applied in the cybersecurity industry. However, due to the long experiences of AI research and massive data of investigated hacker activities, CyCraft has integrated dedicated AI cybersecurity models and adopted the AI virtual analysis assistants into the XCockpit platform. This gives XCockpit the ability to provide Traditional Chinese incident abstracts and disposal suggestions, helping CISOs and other high-level managers to quickly grasp the situation.
“Under the wave of new AI technology, cybersecurity teams must also keep up with the new generation’s pace. It’s necessary for CISOs to understand that AI will eventually become a member of the security team, and even completely change the overall cybersecurity industry environment.” said Ming-Chang Chiu (Birdman), the founder of CyCraft, “As the only cybersecurity company in Taiwan selected as the representative case in the Gartner AI industry report, we look forward to expanding the power of AI in this trend and making AI not only a chatbot but a high-tech assistant that can truly enter the incident response processes, while playing a role in SOC/SIEM team to solve problems for enterprises.”
CyCraft Technology is the only Taiwanese cybersecurity vendor selected as representative AI company based in Asia by Gartner and IDC Perspective, helping organizations to detect and respond to cyber incidents faster and better through highly automated AI solutions. CyCraft’s solutions lead organizations to understanding root causes and having the ability of stopping repeat attacks.