Usually, when trying to determine whether or not there has been a security breach, some IT security specialists need to go through logs and alerts from a variety of firewalls and security applications with a fine toothed comb, taking a lot of patience, a lot of knowledge, and a lot of time.
Endgame Security is trying to change that with its chatbot, Artemis. But how can a chatbot help with security?
What are endpoint security services?
Most traditional IT security takes place on an internal network, creating barriers around the edges, as well as checks within the network for some added defence in depth. This was fine when most, if not all, business was conducted by devices within the network, but times have changed, and now the vast majority of businesses have at least one employee working from home or from the road on a regular basis.
When you have devices outside of the control of your IT security team, but with full legitimate access to your network, you create a number of unsecured, or laxly secured, access points for a clever hacker.
Endpoint security, such as that provided by https://www.promisec.com/, aims to secure all devices that will be connecting to your network. This means that all devices with direct connections will be fully vetted and secured, and all information will be encrypted, significantly reducing the risk posed by offsite workers.
How does a chatbot help?
Endpoint’s chatbot aims to cut down on the time it will take security specialists to identify and react to ongoing or past cyber-attacks.
Instead of having to manually sift through logs from a number of sources, a security specialist can simply ask the chatbot if they are being attacked by a certain worm, or if there are any anomalies in the past twelve hours – basically, applying the same technology used for personal assistant apps to security logs, instead of shopping.
Whether or not chatbots for this sort of automation become an industry standard, of if this is a gimmick that will never be seen again, is yet to be seen. If the bot is continuously updated to recognise any questions a security specialist might have, it could be a great automation feature.