Ontinue announced the addition of three new AI-powered skills to its Ontinue ION MXDR service
June 2023 by Marc Jacob
Ontinue announced the addition of three new AI-powered skills to its Ontinue ION MXDR service. These new skills are enabled by – and incorporated into – ION IQ, Ontinue’s proprietary security AI technology that models customer environments and operations to localise the ION MXDR service for faster, more accurate prevention, detection and response to cyber threats, while simultaneously reducing the burden on customers’ security teams.
ION IQ: The AI at the core of ION MXDR
The integration of AI in security has risen over the last several years, especially the use of large language models. The main application of AI in security, however, has been to better understand threat behaviour for the purpose of improving detection, which has worked well and has made defenders more effective. AI has not been widely used to address the challenge of tailoring, or “localising,” MDR services to customer environments. Addressing this domain is key to more effective prioritisation, more surgical responses and prevention, more accurate separation of true and benign positives, reduction of operational burden on customers – and a host of other benefits. Ontinue’s proprietary AI, ION IQ, enables localized insights and protection tailored to customers’ unique environments, resulting in faster, more accurate prevention, detection, and response, while continuing to lessen the burden on customers’ security teams.
The three new AI-powered skills added to Ontinue ION are:
• Critical Asset Intelligence: ION’s Critical Asset Intelligence surfaces overlooked critical assets on behalf of security teams who often struggle to keep up with the constant changes in today’s IT environments. This additional context enables Ontinue’s Cyber Defenders to focus on incidents that pose the greatest risk and to respond quickly and effectively while also limiting the impact on business operations.
• Azure OpenAI-integrated ION Chatbot: Customers can ask questions of ION using natural language and receive the needed information in seconds via Microsoft Teams. This replaces the legacy approach of surfacing information through portals, static reports, email and phone calls that burden customers with questions, such as requesting incident details or tailored guidance on optimising SIEM ingestion. This results in answers localised to each customer’s environment, that are highly actionable and which are delivered in seconds, not hours or days.
• Incident Conviction: The new Incident Conviction AI models in ION MXDR allow Ontinue’s Cyber Defenders to make faster and more accurate responses. It addresses the age-old challenge of distinguishing between true and benign positives in a given customer’s environment, using AI models that generate highly localised conviction ratings. This enables Ontinue defenders to move faster on true incidents, and also reduces the risk of dismissing real incidents in highly complex environments.
Ontinue ION sets new standards for MXDR services. It uniquely delivers AI-powered Nonstop SecOps with 24/7, always-on protection while increasing overall security program maturity, efficacy and scalability. ION overcomes the shortcomings of traditional MDR solutions in several ground-breaking ways, including the first Microsoft Teams-based collaboration model for seamless real-time communication between SecOps, IT and all other security stakeholders. Ontinue is also pioneering the use of generative AI and automation to localize the ION service for a given customer, and to accelerate the detection and response to threats faster than ever before. Complementing these advanced capabilities of the ION service is the deep Microsoft security expertise of Ontinue’s ION staff, which enables customers to maximize the capabilities of their Microsoft security investments and lower their security total cost of ownership.