Rubrik announced a joint collaboration to integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service to accelerate cyber recovery through the use of generative AI and Natural Language Processing (NLP). This integration will offer a truly actionable use of AI to reduce the time required to investigate and determine responses to cyber events, ultimately providing an overall boost in cyber resilience.
According to the new Rubrik Zero Labs’ State of Data Security report, only 56% of IT and security leaders reported developing or reviewing an incident response plan in 2022. Furthermore, Security Operations Center (SOC) and incident response teams are inundated with thousands of alerts each day, and it can take hours to sort through and prioritize responses. These challenges reflect the need for a modern solution that can not only help SOC teams investigate the most pressing cyber events, but provide guidance on how to remediate.
“In a time when bad actors are becoming increasingly inventive, organizations must lean on AI to turn the tables on attackers,” said Charlie Bell, Executive Vice President of Security, Compliance, Identity, and Management at Microsoft. “Working with Rubrik establishes a counterpoint to the modern threats that our customers are facing and allows organizations to react to incidents more quickly. Through the speed of AI, we believe security defenders will be able to identify and stop attacks faster than ever before.”
Rubrik’s ability to provide time series data insights directly into Microsoft Sentinel enables organizations to address evolving cyber threats and safeguard their most sensitive information. With this integration, the platform is designed to automatically create a recommended task workstream in Microsoft Sentinel created by Rubrik by leveraging large language models and generative AI through OpenAI.
This integration will empower security and IT teams to:
- Streamline Incident Creation to help incident response teams prioritize alerts by automatically creating an incident in Sentinel based on anomalous activity within Rubrik Security Cloud.
- Automate Recommended Task Workstream by suggesting incident response tasks that will enable IT and security teams to investigate the incident more rapidly while preserving evidence for forensics purposes.
- Accelerate Cyber Recovery by dynamically generating code for investigating the incident in Microsoft Sentinel, allowing IT and security teams to react swiftly to maintain business resiliency.
“The explosion of generative AI will catapult us into a new age of cyberattacks – attacks that go far beyond human comprehension. We must fight fire with fire and use generative AI to not only understand future cyber events but to also prevent and defend against them,” said Bipul Sinha, CEO and Co-founder of Rubrik. “We’re thrilled to collaborate with Microsoft and continue to build upon our progressive and long-standing partnership. This is an important step forward as we continue our mission of securing the world’s data and helping businesses achieve cyber resilience.”
Today’s announcement follows Rubrik’s initial integration with Microsoft Sentinel unveiled in October 2022, as the companies continue to enrich their long-standing strategic relationship following Microsoft’s equity investment in Rubrik in August 2021