Can Senseon beat Darktrace at its own game with its 'AI triangulation' technology?
17th September 2018 | Computer World
A breakaway company from British cyber security darlings Darktrace called Senseon is plugging a gap in the infosec market that's sorely lacking
A breakaway company from British cyber security darlings Darktrace called Senseon says it is plugging a gap in the infosec market that's sorely lacking - claiming unanimous approval from the CIOs who are enthusiastically taking up the technology.
The company was founded roughly 18 months ago based on conversations that founder and CEO David Atkinson - who had worked as commercial director at Darktrace since 2015 - had been having with CIOs and CISOs.
The main problem he saw, and opportunity he looked to grab, is that there's "not enough people to deal with the overwhelming number of threats," he said.
"We've felt the pain. We've understood that no matter how long, and how late you stay and how much coffee you drink you're never going to get through it," he added. "The realisation was something has got to fundamentally change, and the fundamental shift was could we design technology that has the ability to automatically look at emerging threats or anomalies from multiple different perspectives?"
Like many Darktrace employees, Atkinson served in the military prior to his joining the cybersecurity vendor. Now at Senseon he works with specialists who have managed security for major telcos as well as critical national infrastructure.
How does it work?
Senseon's model also uses machine learning to bring together insights from all possible points of entry for malicious activity, so the network, the infrastructure - whether that's cloud, on-prem, or IoT - the endpoints, as well as user behaviour. It also tests perimeter defence with an 'outside-in' model, coming at the problem from the perspective of an attacker outside of the organisation.
Underpinning all of this is what the company describes as its "AI Triangulation" algorithms, that correlate and cross reference all information gathered from the network, endpoints, and their 'investigator bots', all three of which the company calls 'senses'.
"At its core there's three components, that allow this triangulation to occur. There's a bit of software done at every end point - desktop, laptop, server, Windows, Mac - there's a network appliance, and there's microservices or investigator 'bots' that look at the business from the outside-in," he explained.
"The AI actually works and detects threats across each of the 'senses': the network, the cloud, the endpoint, the investigator bots etc, independently. The real strength is in Senseon's AI Triangulation, which is the ability to then triangulate between each of the 'senses'.
"This gives Senseon users the best chance of detecting threats inside their organisation with accuracy. It's during this and the context we provide that enables Senseon to reduce false positive alerts that would be produced by other solutions and single-point tools."
Single-point solutions, says Atkinson, are "crippled" because they only monitor a single source in the customer environment, such as network or the endpoint. He adds that the single-point solutions are "very siloed in their nature" due to having been built over a long period of time.
"Therefore, the single-point solutions often make inaccurate decisions, through no fault of their own, just purely down to the data it has available, then the culmination of these inaccuracies cause a disproportionate amount of noise, hampering companies responding with speed and accuracy.”
There is also an amount of product bloat at most organisations - "82 different single-point solutions" on average for Fortune 500 companies, according to Atkinson - so Senseon also aims to provide as much functionality from a single product to cut down on this.
The product itself then is self-learning and customisable, with the option to create custom detection alerts and analytics, as well as a customisable user interface.
Selling to CIOs
The feedback, says Atkinson, has been overwhelmingly positive.
"We have CISOs and people who have been in this game for a long time stop meetings halfway through and go: 'why has no one done this yet?'" he says.
The experience of the senior team, who all have considerable heritage in the infosec business world, has helped Senseon get itself in front of buyers, who are then referring the company on to other CISOs, CIOs and decision makers.
"We're bypassing the problem and that's something I'm eternally grateful for - we have technology where we can sit in the room across the table from the CISO that's been in in the industry 18 years, and say 'there is no one else in the world developing a technology like ours' and they agree.”
The company has been asked by the British government to represent the UK cyber security industry in the USA.
Next, the company will continue to build its presence in the USA to focus on growth, sales and marketing. And what about funding? There will be some "exciting news around that" in the "not too distant future”.
This article is was originally posted: https://www.computerworlduk.com/security/senseon-uses-ai-triangulation-sniff-threats-3683788/