NTT Communications (NTT Com) has developed “AI Advisor,” a security operation support solution that utilizes generative AI. By using it in combination with security solutions, it will realize the efficiency and sophistication of security operations in companies.

In recent years, cyber attacks have become more sophisticated and complex, making it difficult to completely defend against them with security measures. For this reason, the concept of cyber resilience is gaining importance.
Rather than providing 100% defense, the idea is to predict and apply threats that threaten business continuity. Although risk is reduced, the risk will never be zero, so measures will be taken that assume internal intrusion.
Against this background, SASE (Secure Access Service Edge) is being introduced mainly by companies. SASE is a product that integrates various security functions to create a robust security environment. As remote work and cloud computing have become more widespread, internal information has come to flow outside the company, and SASE, which covers vulnerabilities in VPNs and inadequate device settings, has attracted attention.

On the other hand, using various security functions also increases the burden of operations. For example, a large number of alerts notifying of dangers are generated, so it is necessary to quickly determine which alerts are truly serious.

In recent years, SORE, which automates incident response, has also become popular, but there are some areas that cannot be handled by automation.

“The real problem is the part that cannot be handled by automation. It is difficult for operators who are not security experts to solve this. The security-specialized generative AI service ‘AI Advisor’ solves these problems,” says Seiji Jo, an evangelist at NTT Com.

AI Advisor provides skills and support in security operations in natural language. Specifically, it works with the latest vulnerability information and IT operation systems, and generates optimal answers based on the latest information when an incident occurs.

Security operators perform various tasks every day.

For example, sorting through a large number of alerts and reporting to management. Furthermore, if an incident occurs, they need to immediately understand the extent of the impact and be busy formulating countermeasures plans in line with company rules and responding to customers.
The AI ​​Advisor supports these tasks.
It collects and organizes the necessary security information, creates countermeasures plans in line with company rules, and narrows down from a large number of alerts to the truly important ones.
Kitagawa Kimihito, manager of NTT Com’s Business Solutions Division, promotes the service by saying, “It is a solution that truly supports the work of security operators as an AI agent.”
The AI ​​Advisor is scheduled to be available from January next year.

※Translating Japanese articles into English with AI