Intelligent SME.tech Issue 45 | Page 27


// PREDICTIVE INTELLIGENCE //

mission-critical and risk-centric organisations in the cybersecurity domain. Our aim is to make this technology accessible to every SOC analyst globally. About a year ago, we launched a SaaS platform that encapsulates the power of our data and offers highly accurate and specific detections, making it easily accessible to SOC analysts.

Addressing the skills shortage faced by organisations for level one and level two analysts, merely providing them with a deluge of data and detections, is not effective. That’s why we have developed an intuitive user interface that lowers the barrier for anyone and everyone to utilise our product. The objective is for level one and level two analysts to log into the platform, identify the critical issues requiring attention and access all necessary information to triage and investigate alerts efficiently, thereby enabling swift remediation and action.
We have built the SaaS platform around these principles to drive our core mission. In terms of traditional metrics, this product has shown record-setting growth. There is significant traction and demand, especially in the international market. Notably, our SaaS platform will now be available in the Middle East, specifically in Dubai, ensuring localised data accessibility for organisations in that region.
During a visit to Dubai, I had the opportunity to meet several customers who are eagerly anticipating the availability of our product in the region. Ultimately, our goal is to make our solutions accessible to organisations and analysts of all skill levels. We are dedicated to constantly ensuring that our customers derive the utmost value from our offerings.
What are some of the shifting winds and how does this impact your innovation?
One noticeable trend is the shift from traditional workloads in classic data centres to the cloud. Many organisations are accelerating this transition for various reasons. Recently, with price increases on some tools within the ecosystem, this move has become even more urgent. The cloud, while similar in many respects, presents distinct challenges, especially concerning threats and monitoring.
To address these challenges, we have developed a cloud-native deployment of all Corelight features and functionalities for AWS, GCP and Azure environments. This ensures access to traffic data and detection capabilities comparable to on-premises setups. However, it is not enough to simply migrate on-prem data to the cloud; it must be relevant to cloud operations. That’s why we are heavily invested in ensuring our data generation aligns with cloud security operation needs. This involves making it clear which AWS instances and services are generating specific traffic, thus adding valuable cloud context to our logs. Given the efficiency of cloud environments, our focus has shifted to creating detections that are cloud-native. For instance, detecting suspected data exfiltration from an S3 bucket is crucial as many organisations face this issue. Hence, we are deeply invested in cloud-specific threat research.
Additionally, we are exploring the use of GenAI to enhance analysts’ capabilities and responding to customer demands. Analysts face considerable complexities and require assistance. GenAI tools can help them investigate alerts and provide actionable insights. We have integrated this functionality into our product. Our advantage lies in our foundation on open-source technology which means our AI tools are already familiar with the open-source data and protections we utilise. This familiarity allows them to accurately answer customer queries. In a smart way, we implement these tools without compromising customer-sensitive data, offering the right actions and summaries for analysts to better understand and respond to threats.

THE CISO’S ROLE SHOULD REVOLVE AROUND MAINTAINING A HIGH-LEVEL PERSPECTIVE ON THE THREAT LANDSCAPE, REDUCING THE COMPLEXITY OF SECURITY TOOLS AND CONTINUALLY ENHANCING THE SKILLS OF THEIR TEAM.
Vijit Nair, VP, Product at Corelight