The security assistant provides the context and reasoning to respond quickly and appropriately in the early stages of an attack.
At Sage, Sysdig uses an autonomous agent approach. This means it deploys multiple specialized AI agents that work together with one goal: to simplify, improve, and accelerate the human response to an attack. These agents have domain-specific knowledge, allowing them to address different cloud security challenges.
Deep insights
A key benefit of this is the ability to use multi-step reasoning. This means the agents can translate deep insights into incidents into concrete answers for security experts, allowing them to assess the severity of the risk quickly.
In addition, the AI cloud security analyst is context-aware. As a result, it can provide context about the data a user is viewing, for example, to answer a question. The assistant can also help find the right place within a security platform to contextualize a threat better. If the user asks the assistant a vague question, such as “Can you tell me more about this?” it understands that it is asking for an explanation of the data on the screen and may also search other pages to answer the question fully.
Finally, Sage suggests proactive response actions, prevention strategies, and process improvements. This is an important feature for Sysdig to provide more than just threat summaries and explanations. The Sysdig platform aims to contribute overall to defending against cloud-based attacks, where proactive action is key.
The AI cloud security analyst is available for free, but has a usage capacity. If additional capacity is needed, additional access can be purchased.