Awake Security introduces Ava, a privacy-aware security expert system

Awake Security unveiled several new capabilities of its Awake Security Platform that greatly amplify the abilities of existing security teams. Foremost among these innovations is Ava, the world’s first privacy-aware security expert system.

Ava combines federated machine learning (ML) and open source intelligence with expertise from Awake threat researchers and security analysts to identify multi-stage attacks and enable automatic threat validation and triage.

By using Awake’s comprehensive knowledge of the network, Ava delivers triaged and actionable incidents rather than the often meaningless alerts provided by traditional security solutions. Customers receive a visual incident report that drives faster comprehension, and ultimately speedier reaction and resolution by security teams.

“With more than 50 billion connected devices in the market today, networks can be exceedingly complex with architectures and configurations that impede security visibility, detection and response,” said David Monahan, managing research director at EMA. “This has led to average attacker dwell times around 195 days, providing malicious actors more than enough time to do significant damage. Awake Security is addressing these issues with its autonomous hunting, which uncovers full kill-chain incidents and agentless device profiling that enriches the incident report with asset-based context, ultimately allowing security teams to prioritize based on business impact.”

“Delivering context-rich and correlated incidents rather than alerts ensures that Awake is part of the solution rather than the alert-noise problem,” said Rahul Kashyap, president and CEO at Awake Security. “Importantly, we designed Ava as an expert system that uses federated machine learning. This has the added benefit of delivering powerful capabilities while always keeping identifiable information within the customer environment. It is extremely fulfilling to see the results and how we are helping change the power dynamic back in favor of our customers when it comes to threat detection and response.”

Ava empowers Awake’s customers with:

  • Privacy-aware machine learning: Federated machine learning allows Awake customers to keep data firmly within their infrastructure while still benefiting from a data science-based approach to security. Many security solutions move customer data into their analytics cloud for training and analysis, which raises privacy concerns and results in sensitive data leaving the organization to be processed on vendor infrastructure. However, with its use of federated machine learning, Awake can train its ML models without requiring the training data to be in a centralized location.
  • Answers not alerts: With this release, Awake identifies and visualizes incidents through automatic correlation across entities, time, protocols and attack stage. This helps security teams move beyond the typical and cumbersome alert triage process. The platform learns from past incidents as well as Ava’s customized cyber security, governance, risk and compliance playbooks to provide the security analyst with both automated and manual response options. These can trigger workflows within integrated solutions or simply recommend remediation steps such as evidence collection.
  • Expertise-on-demand: Customers now have on-demand access to Awake experts for up-to-the-minute threat research, hunting and investigation support. This product-as-a-service capability can be used to augment the internal team, have Awake hunt on the customer’s behalf for incident response and forensics, or simply to get an unbiased external perspective.

Awake will be offering live demonstrations of the Awake Security Platform at RSA Conference 2019.