How AI can close gaps in cybersecurity tech stacks

We’re excited to bring Transform 2022 back to life on July 19th and virtually July 20-28. Join AI and data leaders for sensible conversations and exciting networking opportunities. Register today!


Gaps in cyber security tech stacks, especially in endpoint security and patch management, are making ventures more vulnerable to attacks. CISOs are focusing on how to implement new digital revenue strategies while minimizing risk between different risks and protecting the virtual workforce.

From cybercriminal gangs trying to recruit AI engineers to state-funded Advanced Persistent Threat (APT) networks that are capable of simultaneously launching attacks on multiple attack vectors, cybercriminals are becoming smarter all the time. Studies of job advertisements on the Dark Web show that those who know how to breach web services, have AI-based hacking skills and can obtain privileged access credentials are the most sought after.

Maintaining balance of power with AI

Machine endpoints are expanding at twice the rate of humans, and new digital revenue strategies are expected to provide the enterprise with double-digit growth in 18 months. The virtual workforce needs new security tools that are intuitive and easy to use to support new digital revenue growth. CISOs are balancing these demands with the need for real-time risk management insights and improving user experiences on their applications. These challenges require data-driven AI and machine learning techniques that deliver on a scale to balance power against threats and dangers.

AI and machine learning do not have time to go to the IT and cyber security departments to effectively automate tasks. Improving automated endpoint security, patch management and supply chain security, visibility and control with the Industrial Internet of Things (IIoT) are some of them. The enterprise actively hires and prioritizes zero-trust security, starting with identity access management (IAM), privileged access management (PAM), microsegmentation and endpoint security, then struggling to keep up with endpoints and patch management.

The use of AI and machine learning brings greater intelligence to endpoint and patch management and improves risk-based vulnerability assessments. The sales partners of cyber security providers are also helping to bridge the gap in tech stacks by providing their expertise and insights.

Closing the tech stack gap

Cyber ​​security vendors should rely on five strategies to help their enterprise customers close the widening gap in their security tech stacks. Based on interactions with Endpoint Security, IAM, PAM, Patch Management and Remote Browser Isolation (RBI) providers and their partners, these strategies are beginning to emerge dominantly in the cybersecurity landscape.

Fast-tracking endpoint, ransomware and risk management roadmaps

Cyber ​​security vendors are accelerating their launch plans in three major areas today. Endpoint security is still one of the most intriguing issues for the security team to fix and it is common for organizations not to know where their end points are up to 40%. Broadcom, CrowdStrike, McAfee and Microsoft lead the endpoint security market and have all indicated in earnings and briefings that they are accelerating their roadmaps.

An analysis of the event’s roadmap reflects how vendors take the app up and make big releases more quickly. Ivanti introduced five modules on its Neurons platform, a significant achievement for its DevOps, engineering and product management teams. Evanti told VentureBeat that there is a strong demand for EVENTI neurons patches for MEMs (Microsoft Endpoint Manager) who want to extend Intune implementation to automate patch management and incorporate third-party application update capabilities.

Cyber ​​security vendors today are rapidly tracking their roadmap to improve endpoint management, including IIoT sensors, risk-based vulnerability management (RBVM) and customer experiences, to help enterprises bridge the growing gap in their tech stacks.,

Zero Trust’s land and expansion sales with partners is a high priority.

Cybersecurity vendors tell VentureBeat that one of the primary factors driving their roadmap is the demand for new cloud services from resellers and partners that support higher margin sales. On the last earnings call, George Kurtz, president, CEO and co-founder of CrowdStrike, said the channel’s sales are key to the company.

Reiterating the channel’s high priority to rely on partners to provide land, expansion and zero trust solutions, Ivanti announced that Denis Kozak has joined him today as Chief Operating Officer (COO). Dennis Ivanti will oversee marketing, global sales, customer experience and operations as COO. Mr. Kozak is a longtime channel veteran who has spent 23 years with CA Technologies, where he has led organizations such as Global Sales, Global Channel Sales and Strategy, Sales Operations and Global Transformation to deliver next generation portfolio strategies. He was most recently head of global channels at Avaya, which accounted for about 70% of his total revenue.

Mr. Kozak told VentureBeat in an interview that his goals include capitalizing on the five acquisitions made in the last 16 months to turn the channel’s sales into a growth factor for the event. In addition, Mr. Kozak explained in an interview with VentureBeat that the goal is to bring all acquisitions together in a unified go-to-market and channel strategy.

Determining the amount of risk is a table stack

The enterprise needs better tools to assess risks and vulnerabilities so that gaps in tech stacks can be identified and closed. As a result, there is a growing interest in using Risk-Based Vulnerability Management (RBVM) that can scale across cloud, mobile IoT and IIoT devices today. Endpoint Detection and Response (EDR) vendors are moving into RBVM with vulnerability assessment tools. Leading sellers include CODA Footprint, CyCognito, Recorded Futures, Qualys and others. Evanti Neurons for its first product, Risk-Based Vulnerability Management (RBVM), was released this month following the acquisition of Evanti by RiskSense. The remarkable thing about Ivanti’s release is that it is the first RBVM system to rely on state-of-the-art engines to measure, prioritize and control cyber security risks to protect enterprise against ransomware and advanced cyber threats. Evanti has also developed Proprietary Vulnerability Risk Ratings (VRRs) that determine the degree of adverse risk so that the enterprise can identify and prevent risks before a breach occurs.

Evant’s approach to risk-based vulnerability management combines machine learning models from Resuscence and Evant neurons platforms to create a single, unified view of known vulnerabilities.

Doubling endpoint security as a key production strategy

Fast-tracking endpoint security applications and platforms are also helping to close the gap in tech stacks today. All the leading cyber security vendors have either announced or will be announcing self-healing endpoints soon. A recent Tannium survey found that only 29% of security teams are confident that the patch they are installing will prevent a breach. Absolute’s 2021 Endpoint Risk Report found 12.9 mission-critical applications per enterprise device, including 11.7 security controls. Absolute’s report found that the higher the complexity of the endpoint, the greater the risk of conflict, collision and cancellation of the application, making the endpoint less secure.

A recent survey by Ivanti on patch management found that 71% of IT and security professionals found patching to be overly complex and time consuming, and 53% said it took them most time to sort out and prioritize complex vulnerabilities. Evanti launched their Neurons patch for MEM last week which reflects the future of AI-based patch intelligence for endpoint security, relying on AI-based bots to identify which patches need to be updated the most. Additional vendors offering AI-based endpoint protection include Broadcom, CrowdStrike, Sentinellon, McAfee, Sophos, Trend Micro, VMware Carbon Black, Cyberson, and more.

Digital experiences need to increase productivity

Improving how intuitive it is to use any security application increases productivity and reduces risks. However, using the enterprise application is known as a challenge. Apple, known for its intuitive design, relies on metrics and analytics combined with design principles to streamline each new application and system. Apple’s success in this area of ​​enterprise software does not come close to a standard.

It is encouraging to see that cyber security vendors face the challenge of using AI to improve the user experience. Ivanti launched their digital experience score at the Ivanti Neurons Workspace last week. The most common request from users of CIOs is to improve the usability of the application to drive greater security productivity and operational agility. Evanti’s Digital Experience score provides 360-degree views and real-time insights about devices, operating systems, networks and applications that employees rely on in their virtual workspaces.

Ivanti claims that it excludes unions from using ticket counts as a proxy for employees’ experience, as closing tickets alone is not a service-level agreement (SLA) that needs to be measured; Instead, organizations need to quantify the effectiveness of IT and digital experiences (XLAs) and find new ways to improve them. Machine learning algorithms to produce a comprehensive metric for users’ digital experience.

Calculating and using AI to identify ways to improve digital experience scores is the future of enterprise software and cybersecurity applications in particular.

Risk authentication

The intensity, speed and sophistication of cyber attacks are increasing rapidly. CIOs and CISOs know they need to rely on more advanced technologies, including AI and machine learning, to stay on top of split-second attacks that can take their network down. With AI engineers being recruited out of school by cybercrime gangs and state-sponsored cyber attacks becoming more common, the ability to thwart AI and machine learning breach attempts and sophisticated attacks is becoming more and more evident.

While cybersecurity vendors accelerate their product roadmap with tougher, more data-driven applications, AI platform players seek to descend and expand into partner strategies. Determining the amount of risks is now table stacks and every cyber security vendor in endpoint security or nearby markets is introducing self-healing endpoints. Cyber ​​security tech stacks need AI to identify how best to thwart advanced attacks today and in the future.

Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more about membership.

Similar Posts

Leave a Reply

Your email address will not be published.