ESET AI’s advantage in Threat Detection, Investigation and Response (TDIR)

Created: 2024-01-03 03:46:47

In the ever-evolving landscape of cybersecurity, the role of Artificial Intelligence (AI) has become indispensable, particularly in the realms of threat detection, investigation, and response (TDIR). At ESET, we have been harnessing the power of AI for over three decades, providing real-world solutions that meet the dynamic challenges of cybersecurity.

What is TDIR?

Threat detection, investigation and response is a risk-based strategy for effectively mitigating cybersecurity threats and enhancing the efficiency of threat detection. The foundational capabilities of TDIR are pivotal in shaping how tools within a Security Operations Center (SOC) contribute to the overall mission and strategy of the SOC. TDIR capabilities empower contemporary SOC staff to adeptly design, configure, and manage security detection use cases. Notably, the top use cases for Artificial Intelligence (AI) in the TDIR process underscore the persistent requirement for human engagement, reinforcing the symbiotic relationship between advanced technology and human expertise.

AI in TDIR

As a representative vendor, we were interviewed for Gartner’s latest report “Emerging Tech - Top Use Cases for AI in Threat Detection, Investigation and Response”. The emphasis was on exploring how providers plan to leverage AI to augment and support analysts in the Threat Detection, Investigation, and Response process. Gartner’s report provides valuable insights into the advancements made in enhancing TDIR services or products through the integration of AI.

Supervised ML for Enhanced Threat Detection:

One of the key takeaways from the Report is the increasing reliance on supervised Machine Learning (ML) by security providers: "For years, security vendors have been integrating AI into their products and threat detection processes, to enable them to identify anomalies and patterns that surpass human capabilities at scale. In fact, over 50% of interviewed security service and tech providers claim to already be using supervised ML-based AI coupled with supervised training to enhance their threat detection abilities." [Source: Gartner: Emerging Tech: Top Use Cases for AI in Threat Detection, Investigation and Response. Travis Lee, Matt Milone, Elizabeth Kim, John Collins. [27 October 2023] ID: G00790125]

With a legacy dating back to 1990, ESET has been a forerunner in the integration of AI into its security solutions. Recognizing the evolving nature of cyber threats, we embraced the potential of AI early on, leveraging its capabilities to not only detect but also block threats in real-time.

ESET LiveSense, our versatile set of proprietary, multi-layered technologies, surpasses the capabilities of standard solutions. We use machine learning to combat new threats and can ensure continuous threat intelligence updates through the early adoption of cloud technology that powers our global ESET LiveGrid reputation & response system.

At ESET we employ two distinct forms of Advanced Machine Learning, comprising a high-powered detection engine in the cloud and a lightweight version deployed on the endpoint. These utilize a carefully selected set of classification algorithms, including deep learning and boosted trees, ensuring swift and precise analysis crucial for thwarting emerging threats.

Furthermore, the latest enhancement to our product ESET Inspect introduces an AI-powered detection correlation engine. This innovative feature automatically generates incidents, empowering security engineers to significantly minimize the time dedicated to investigation and incident management.

In conclusion, our pioneering journey with AI in TDIR represents a paradigm shift in cybersecurity. Security vendors aim to differentiate themselves by improving detection results and reducing false positive/negative rates, adopting a "go fast and be safe" approach.

By leveraging the power of modern AI techniques, we not only stay ahead of emerging threats but also set new standards for efficiency and accuracy in threat detection and response. As thought leaders in the cybersecurity space, we aim to continuously empower you with valuable insights, innovative solutions, and strategic recommendations, ensuring you are well-prepared to navigate the dynamic challenges of the digital age.


Objectivity Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 


About ESET
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessary large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at https://eset.version-2.sg.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities. For more information, please visit https://www.version-2.com.sg/ or call (65) 6296-4268.
