Autonomous XDR Investigator analyzes relationships among billions of security events to comprehensively and automatically investigate attack campaigns for customers
Kognos, creators of the cybersecurity industry’s first autonomous XDR investigator platform, today launched the Autonomous XDR Investigator, a platform backed by security-aware AI that empowers customers to automatically detect, investigate and respond to attack campaigns in real-time.
Built on the principle that attacker behavior is indicative of attack methodology, attribution, and data for exfiltration, the Autonomous XDR Investigator fuses events from existing EDR, NDR, SIEM, and other telemetry sources into relationship graphs.
Kognos continuously monitors billions of these relationships to detect suspicious behavior. Once detected, Kognos uses an AI-powered inquiry engine to ask thousands of forensic questions per second, mining these relationships to autonomously track malicious users or external actors throughout the network and present the findings as visual stories, empowering security analysts to respond in real-time and significantly reduce dwell time.
The Kognos advisory board comprises some of the cybersecurity industry’s most innovative executives, including Tim Eades, CEO of vArmour; Mike Viscuso, Co-founder and former CTO of Carbon Black; Joram Borenstein, GM, Cybersecurity Solutions, Microsoft; and Joe Eandi, Co-Founder and former CEO, BrightPoint Security.
“Modern defenders need a full understanding of attack behaviors across different perspectives, as well as the relationships among those behaviors,” said Mike Viscuso, Co-founder and former CTO of Carbon Black. “Kognos’ security-aware AI combines signals from disparate sources into one, consistent attack story, empowering defenders to immediately act on malicious campaigns without the noise from individual product alerts.”
Founded by CEO Rakesh Nair, former Head of Engineering at Netwitness/RSA, Kognos was built by security practitioners for security practitioners. Given the known issues of alert fatigue, frustration with false positives and negatives, and the currently complicated process of investigating attacker behavior and campaigns, Kognos is the only platform that dramatically simplifies that investigation process in real-time so security teams can focus on remediation and response.
“Today’s threat actor lives and thrives within enterprise environments with the ability to freely execute lateral campaigns, live off the environment itself, or offer a prime opportunity for insider threats to siphon information for financial gain,” said Rakesh Nair, Co-Founder and CEO, Kognos. “With Kognos, enterprises can now gain real-time visibility of all of these scenarios as they are happening and act immediately to prevent the ability for attackers to fully execute campaigns.”
Kognos empowers enterprises to:
- Detect: Kognos continuously monitors all activity and relationships to detect suspicious behaviors and trigger investigations.
- Investigate: The platform investigates hundreds of billions of relationships using thousands of forensic questions per second. The intuitive UI fuses all observed evidence into visual storylines that show full context and impact, and bubbles up high-risk stories.
- Respond: Kognos isolates impacted devices, quarantines suspicious processes, and sink-holes malicious domains.
Kognos uniquely understands the importance of identifying attack campaign directionality, blast radius and, most importantly, intent. By integrating with existing investments through API-based adaptors across EDR, NDR and SIEM, the Kognos platform ingests alert data to determine which behaviors are most critical to address and to perform both retroactive and real-time analysis of attack campaigns. The Kognos autonomous XDR investigator is the only solution that is able to trace and investigate complete attacker campaigns, active campaigns, and failed campaigns.
“Kognos provides a unique solution to visualize all the happenings on a network, enabling humans and technology to work together and create defensible networks. Kognos is an antidote to solving the problem of seeing attacker campaigns in action,” said Sarah Lucas, General Partner, Lucas Venture Group.
The company has raised a seed round to date from Lucas Venture Group, Cyber Mentor Fund and angel investors.