0
2.1.1
Yokohama Patch 1, Yokohama, Xanadu Patch 7, Xanadu Patch 4, Xanadu Patch 3, Xanadu
Empower your SOC team with Generative AI capabilities for Security Incident Response.
- Expedite triaging of security incidents with long activity streams by reviewing work notes and contextual information quickly in a concise, easy-to-read format.
- Preview security incident details, their potential impact, and any key actions already taken with security incident summaries using generative AI.
- Automatically generate:
- Within the workflow and upon request the next recommended steps your analysts can follow to help them close a security incident.
- A post-incident analysis for a security incident that includes a root cause analysis, impact assessment, and learning and recommendations information.
- Closure notes for security incidents using generative AI.
- Access summaries and closure notes from the Now Assist panel, security incident records, or from the Security Incident Response Workspace.
New:
The Close security incident AI agent uses skills to generate the post incident analysis (PIA), closure notes, and the close code from the Now Assist panel to assist analysts with closing security incidents.
- Analysts can provide feedback and adjust content for the PIA, closure notes, and the close code by entering natural language in the Now Assist panel. They can accept the generated content by replying with positive responses such as "looks good" or "Ok", or they can ask to refine it.
- Additionally, analysts can ask the AI agent to close false positive security incidents with minimum intervention. The PIA, closure notes, and close codes are updated without analyst feedback.
Required plugins and products:
- Now Assist for Platform v6.0.0
- Security Incident Response Core: v13.6.5
- Security Incident Response (SIR) Workspace: v1.7.0
- Recommended Actions for Security Operations: v1.0.2