Endgame Announces Artemis: ‘Siri for Security’ to Transform SOC Operations

Endgame today announced the launch of Artemis, an intelligent assistant built to automate SOC analyst actions and guide users of any skill level to detect and respond to advanced attacks through a simple conversational interface. As part of Endgame’s EDR platform, Artemis exposes attacker innovations across the entire kill chain in real time, dramatically reducing the time to detect compromise across enterprise endpoints.

“Security teams are faced with two major challenges: insufficient resources to stop attacks in-progress and lack of automated solutions to uncover malicious behavior in time to prevent information theft,” said Jamie Butler, CTO at Endgame. “Just as digital assistants like Siri or Alexa proved their ability to give time back to our day by tackling complex tasks, Artemis is an assistant that automatically combs through millions of data points to provide intelligent decisions for the security industry. Security teams, especially those that lack sufficient resources, will now have the analytic depth required to find malicious activity across all enterprise endpoints and eliminate threats in time to stop damage and loss.”

Detecting malicious behavior across millions of running processes cannot be done without advanced analysis and automation. Artemis is augmented with machine learning and natural language processing techniques that enable it to anticipate priorities for security teams and detect patterns in malicious behavior before the analyst knows to look for them. For example, if an analyst were to ask Artemis “what is suspicious in my network today?” Artemis would comb through millions of events across endpoints in seconds and provide the user with a view of malicious activities on the network, drawing upon Endgame’s world-class signature-less detection and prevention capabilities. Artemis would then recommend a course of action to the user to stop the threat instantly. By preemptively suggesting the most urgent information to the user, Artemis empowers less-experienced Tier 1 analysts to operate at a level of sophistication similar to that of a Tier 3 analyst.

Key Benefits of Artemis Include:

  • A simpler user experience through a conversational interface, allowing analysts to achieve results in fewer actions.
  • Built-in domain expertise of Endgame threat hunters to surface anomalies and steer investigations through actionable recommendations that fit the user workflow.
  • Assistance for inexperienced analysts in crafting expressive query programs that sift through endpoint data without returning extraneous information.
  • Ability to launch investigations against all data collected from monitored endpoints.