Druva, the leading provider of data security, is debuting Dru Investigate, a generative AI (GenAI)-powered tool designed to help IT admins and security teams investigate cyberthreats with natural language. By eliminating the need for complex queries, the tool lets enterprise teams effectively and intuitively understand potential data risks, streamlining the investigation process and fueling positive outcomes.
The current security landscape dictates that security teams must thoroughly understand applications and build complex search queries across diverse data sources before they can analyze the data for potential risk—creating a wide gap between data and insight, according to Druva. This is further complicated by any unique sensitive data protections and regulations, particularly within legal sectors.
Dru Investigate aims to alleviate the pains of data risk investigation, empowering teams to more easily understand complex attack patterns—from malware gestation to score, sprawl, and intellectual property theft and fraud. With the power of AI and natural language processing (NLP), Dru Investigate accelerates risk investigation and remediation with rapid data understanding.
“Backup admins or IT admins know where to look for data, but not necessarily what to look for, and security admins know what to look for, but not necessarily where to look,” explained David Gildea, VP of product at Druva. “We're trying to bridge that gap so they can speak the same language, and they can interact with Druva in the same way.”
By facilitating collaboration between crucial teams through simplified data investigation, Dru Investigate accelerates decision making in often high-pressure risk situations. When investigating potential risks, users can simply ask a variety of questions to gain greater insight, such as, “Where should I look for indicators of this attack?”
“You see a kind of relief on the faces of the IT people who are responsible for this [data insight] in very high stress situations,” said Gildea. “They're able to ask questions, to get answers, and know that they are giving the right answer [to]...someone standing over their shoulder that's saying, ‘Is this right? Are we sure that we've got all the information? Are we sure there's no compromises?’”
Dru Investigate brings light to the areas of risk that may elude enterprise teams, offering the following capabilities:
- Safeguard backup environments by detecting admin credential misuse—indicated by the creation of shadow accounts or the destruction of backup data—and take necessary action to remediate these breaches.
- Identify anomalies in data such as sudden file encryption or mass deletions, and directly search file activities to gauge the extent of any threat.
- Locate and remediate intrusion and related evidence across all protected data, surfacing indicators of compromise and artifacts for faster remediation and recovery.
Dru Investigate is built on Amazon Bedrock, bringing by-design security to the enterprise data it handles, encrypting it on the Druva platform. Dru AI products do not access, learn from, or share customer data. Dru Investigate utilizes enterprise metadata to identify potential data risk, further secured by isolated large language models (LLMs) and private retrieval-augmented generation (RAG).
At its core, Dru Investigate delivers the ability to “simplify a really complex process down to something that looks so simple and often hides a lot of the magic. But that's what the value is for customers—they get to ask simple questions to complex problems, get that answer, and make sure that their enterprise is as secure as it can be,” concluded Gildea.
To learn more about Dru Investigate, please visit https://www.druva.com/.