On the Cloud Computing docket today, we’ve got Rubrik, Microsoft Sentinel and Azure OpenAI Service. The long-story-short of this joint collaboration is simple: Rubrik will integrate its Rubrik Security Cloud with the latter Microsoft/Azure services to accelerate cyber-recovery solutions via generative AI and natural language processing (NLP). This integration is aimed at threat responses and how to actionably use AI to reduce the time required to, according to a statement from Rubrik, “investigate and determine responses to critical cyber events, ultimately providing an overall boost for operations’ cyber resilience measures.”
The long-story-longer type of details are as follows:
With this bidirectional integration, teams can enrich their incident investigations with Rubrik-powered insights (e.g. anomalies, sensitive data, etc.) right in Microsoft Sentinel, and they can execute Rubrik workflows (e.g. threat hunts and orchestrated recoveries) directly from within Sentinel and Microsoft Teams. To streamline responses even further, Azure OpenAI Service generates recommendations around suggested next steps that expert incident responders may take. It even attaches them as tasks to said flagged incidents within Microsoft Sentinel itself.
It seems that part of what has fueled this heavy-duty integration from Rubrik was data from its latest Rubrik Zero Labs’ “State of Data Security: The Hard Truths” report. In it, Rubrik Zero Labs details how “only 56% of IT and security leaders have worked on the development of a thorough incident response plan in 2022.” Couple that statistic with how Security Operations Center (SOC) and incident response teams are still inundated with thousands of alerts daily, and even the most highly prioritized responses may take hours (if not longer) to sort through and resolve. Such challenges reflect the need for a modernized solution that helps SOC teams investigate truly pressing cyber events, along with new tools that provide guidance on best-practice remediation approaches so that what requires a response is handled rapidly (and thoroughly).
It's also important to remember that this isn’t solely about responsivity; it’s also about the core of data security. In 2023, organizations sit on oceans of data. For many, these oceans may seem vast, but stable on the whole. Meanwhile, bad actors – real-life predators amidst the digital currents of data that flow around us – lurk and await what they deem the perfect opportunities to attack; to seize data from environments that are unsecured. Because, as Rubrik Zero Labs writes, “for each data security solution, there’s a follow-on challenge.”
To address the follow-ons? Rubrik, Microsoft Sentinel and Azure OpenAI.
“In a time when bad actors are becoming increasingly inventive, organizations must lean on AI to turn the tables on attackers,” said Charlie Bell, Executive Vice President of Security, Compliance, Identity, and Management at Microsoft. “Thus, working with Rubrik establishes a counterpoint to the modern threats that our customers continue facing and allows organizations to react to incidents more quickly.”
Rubrik’s ability to provide data insights directly into Microsoft Sentinel enables organizations to address changing cyber threats and safeguard their most sensitive information.
“We must use generative AI to not only understand future cyber events, but to also prevent and defend against them,” said Bipul Sinha, CEO of Rubrik. “This is why we’re collaborating with Microsoft and building upon our progressive and long-standing partnership. This is an important step forward.”
Edited by Greg Tavarez