
"Named WorkHorse, the solution is described as a tool that easily integrates with an organization's SIEM system and within minutes it begins transforming raw alerts into fully contextualized information that is ready for Tier 2 analysts. The goal is to cut alert fatigue to zero and reduce case triage time from hours to seconds."
"WorkHorse leverages a machine learning algorithm based on a multi-graph approach and is stateless. 'Once it processes the alerts and creates the cases, the data is discarded from memory and waits for the next run or next set of data to group them together,' explained Marius Corîci, co-founder and CEO of HoundBytes. 'The algorithm analyzes over 50+ datapoints for each graph where every graph is built from an alert and also enriches the case with everything available, from MITRE tactics to host data, user information, etc.'"
WorkHorse integrates with an organization's SIEM and transforms raw alerts into fully contextualized cases for Tier 2 analysts within minutes. The platform aims to eliminate alert fatigue and reduce case triage time from hours to seconds. WorkHorse uses a stateless, multi-graph machine learning algorithm that analyzes over 50 datapoints per graph and enriches cases with MITRE tactics, host data, user information, and other available context. The product avoids traditional SOAR friction such as new dashboards, playbooks, training, and vendor lock-in. Pricing is based on monthly alert volume, with a $3,500 flat fee for up to 10,000 alerts and sliding per-alert rates above that. The solution evolved from HoundBytes' internal SOC needs and is preparing for a funding round.
Read at SecurityWeek