May 18, 2024


Head over to our on-demand library to view sessions from VB Transform 2023. Register Here


Dropzone AI, a startup that aims to automate the tedious and time-consuming work of investigating security alerts, announced today that it has raised $3.5 million in seed funding from a group of investors led by Decibel Partners, a venture capital firm that focuses on early-stage enterprise software companies.

The company also announced the availability of its autonomous AI security agent, a software product that uses large language models (LLMs) to mimic the thought processes and techniques of expert security analysts. The agent can process and investigate every security alert from various sources and produce detailed reports and recommendations for human analysts.

“We have reached an inflection point where humans alone can’t keep up,” said Edward Wu, founder and CEO of Dropzone AI, in an exclusive interview with VentureBeat. “They need to be armed with an entirely new and better way to automate and enable their defensive forces.”

Using LLMs to reinforce the frontlines of cybersecurity

Wu said he started Dropzone AI because he observed that cyber-defenders are losing the technological arms race against attackers, who can leverage LLMs to improve their attacks. He also said that the acceleration of digitalization means that security teams need to deal with thousands of alerts every day from different security systems, such as endpoint detection and response (EDR), firewall, intrusion detection system (IDS), email, and cloud security solutions.

Event

VB Transform 2023 On-Demand

Did you miss a session from VB Transform 2023? Register to access the on-demand library for all of our featured sessions.

 


Register Now

“Most teams are only able to fully research about 10% of daily events, leaving open the likely possibility of missing early warning signs of serious security breaches,” Wu said.

Wu told VentureBeat that his company’s solution can help security teams cope with the increasing volume and complexity of cyberattacks, and enable them to focus on higher-value security work. He said that his company’s AI agent does not rely on pre-programmed playbooks, which are difficult to write and maintain, but rather uses LLMs to reason and investigate alerts autonomously.

“Our approach sidesteps some of the traditional challenges that require terabytes of existing, well labeled, human-curated security data in order to train or build an AI system that works,” Wu said. “We use a slightly different approach that does not require a vast treasure trove of data to begin with, and that allows us to bootstrap our technology and kickstart the customer data network flywheel without spending years or tens of millions of dollars just gathering data.”

Automating security alert investigation with AI

Dropzone AI’s leading product is not just another chatbot system for security workers. Instead, it is being marketed as an autonomous alert investigation system that can conduct end-to-end investigations of security alerts autonomously and generate a comprehensive report with a recommended conclusion. “Our main product capability is the autonomous alert investigation capability, where you feed in alerts and the system goes about performing the investigation end-to-end autonomously,” Wu explained.

The company also offers a secondary chatbot capability, designed to handle ad hoc investigations and questions from the organization. Wu describes the chatbot as a “natural language interface” that allows analysts to focus on the information they want to know, acting as an assistant that navigates across different data sources to perform information retrieval.

“We are building autonomous agents. We don’t need human analysts to tell the system what to do. The system, from day one, already knows what to do and knows how to use different security tools and data sources,” Wu emphasized. This level of automation and intelligence is on an autonomous agent level, akin to Tesla’s full self-driving technology, compared to the cruise control-like functionality of the chatbots from other companies.

Wu also said that his company provides oversight and transparency to security teams that use his AI agent for alert investigation. He said that Dropzone AI’s autonomous agent does not necessarily replace human analysts, but rather assists them with the frontline work and produces detailed investigation reports that show the chain of evidence and reasoning behind their conclusions.

Wu said that his company is still in the early stage of development and is actively working with design partners to improve its technology. He also said that his company will have an online demo on its website where anyone can experience its AI agent. He said that the company will be in attendance at the Black Hat USA 2023 cybersecurity conference this week in Las Vegas.

Backed by cybersecurity veterans

The seed funding round was led by Decibel Partners, joined by Pioneer Square Ventures Fund. Notable angel investors such as Oliver Friedrichs, CEO of Pangea Security and founder and former CEO of Phantom Cyber, Jon Oberheide cofounder and former CTO of Duo Security, and Jesse Rothstein, cofounder and CTO of ExtraHop, also participated in the round.

Jon Sakoda, founder of Decibel Partners, said in a statement that he was impressed by Wu’s vision and expertise in using AI to augment security operations teams.

“Cybersecurity teams need to update their defensive scheme with the best technology available, and Dropzone is an essential tool for every company that wants to rapidly augment its security operations team to face the increasing cyber threats of today’s world,” Sakoda said. “We are incredibly privileged to partner with Edward and to help him deliver on his vision of using AI to deploy autonomous reinforcements — this changes the game for cybersecurity teams and brings much-needed help to the front lines.”

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.



Source link