Overview

LogicHub’s advanced artificial intelligence (AI) and automation mirrors and enhances the cognitive and intuitive approach of expert security analysts – but at machine speeds and machine scale. LogicHub AuDRA is a virtual assistant bot that guides security analysts and helps them build threat hunting playbooks that can sort through billions of data points to find suspicious activities and threats.

Unlike rule-based systems that look for known threats and are very often signature based, LogicHub AuDRA assumes everything could be potentially malicious. It then applies the same logic that an experienced threat hunter would as it helps the analyst automate sophisticated threat hunting playbooks. As threats multiply exponentially across systems, AuDRA detects and responds to them at speed.

LogicHub AuDRA enables skilled human threat hunters to encode their techniques, thus capturing their expertise and decision processes, turning them into scoring and decision playbooks. LogicHub has based its platform on expertise automation and a blend of expert systems with deep neural net architecture, designed to work with a reduced amount of data. The engine progressively learns and updates its own logic to make more accurate decisions like a human analyst. The playbook thus helps in event triage by automating the decision on criticality of events by scoring each event.

LogicHub AuDRA is deployed within the datasets of LogicHub MDR customers. As it roots out and identifies threats, the output is presented to clients as fully enriched cases with explanations, additional data, and recommended response steps. The technology helps to automate human expertise and improve threat detection efficacy at a lower cost, freeing up a security team’s valuable time and resources to focus on high-value security tasks.