Group-IB bets on AI to improve threat intelligence and incident response

Singapore-based cybersecurity provider Group-IB has added new AI abilities to its flagship SaaS offering, Unified Risk Platform (URP), to harden proprietary threat detection and response capabilities.

The platform, which provides adversary and attack path intelligence, has received AI upgrades for three of its six modules-Fraud Protection, Digital Risk Protection, and Managed XDR.

“Through the implementation of AI modules, our goal is to significantly enhance the efficiency of our customers’ time spent on detection, analysis, attribution, investigations, and takedown processes,” said Dmitry Volkov, CEO and co-founder of Group-IB. “By leveraging AI capabilities, we aim to streamline and expedite these tasks, ultimately providing more time-effective solutions for our customers and partners.”

The new capabilities are available at launch and can be accessed by users through their existing URP subscriptions.

AI-backed no-code fraud detection

Group-IB’s Fraud protection module has been upgraded with a new AI-powered Fraud Matrix framework that deconstructs and catalogs known MITRE fraud tactics, techniques, and procedures (TTPs). The AI is used for behavioral fraud categorization and turning known schemes into actionable anti-fraud strategies, the company claims.

Additionally, Group-IB now has a no-code, fraud detection rule builder. “This enhancement allows customers to effortlessly build and test custom fraud detection rules using historical data from millions of sessions,” the company said in a press release. “This feature reduces false positives and increases the accuracy of anomaly detection to prevent fraud more effectively.”

Group-IB has also expanded its intelligence-gathering network by including real-time news monitoring, indicators of compromise (IOCs) filtering, and extraction capabilities. Threat scanning has also been bumped to include coverage of VPN hosts, DDoS, and augmented phishing attacks.

Computer Vision for brand abuse

The Digital Risk Protection module on URP is dedicated to fighting scams and brand violations, according to Group-IB. To that end, the company has added new AI algorithms within these tools to enhance the detection of impersonation and other brand abuses.

“The implementation of the large-scale computer vision system has improved the detection rate of unauthorized brand logo usage by 40%, while, at the same time, implementing a three-fold decrease in the neural network’s training time,” said the company, talking about the algorithms URP uses for detecting logo usage violations.

Additionally, an enhanced AI-infused engine helps in the automated creation of signatures to speed up the detection of typosquatting and illicit use of brand logos, the company added.

Group-IB’s new Smart Abuse Tool helps streamline the takedown process and the content owner’s request for getting stolen content removed from the internet by automating the drafting of abuse reports, identifying appropriate registrars, and sending takedown requests against IP violations.

MXDR receives AI updates for detection

Within Group-IB Managed XDR, a few AI infusions have been made to strengthen detection visibility. AI is being specifically used to detect evolved attacks and sort remediation alerts.

“A graph-based representation of alerts has been made available for all alert types, including Email, Network, EDR, and sandbox to provide a comprehensive view of potential threats and facilitate incident management,” the company said. “Group-IB’s malware detonation has (also) undergone a series of AI-driven optimizations to enhance the detection of “malware-free” attacks.” Additionally, URP has extended MXDR functionality to Linux and MacOS systems as well as remediation functionality for Windows EDR. Previously, the module was supported on Windows systems.

Security Software

Go to Source