Next DLP (Next), the risk and data protection solution provider, is unveiling XTND AI, an AI-powered personal assistant engineered to aid insider risk and data security analysts elevate their workflows and operate at a more advanced level. By both optimizing the analyst experience and extending their expertise, XTND AI works to amplify data security through streamlined, intuitive insights.
XTND AI’s primary focus is providing context of incidents within the Reveal platform’s detection and response capabilities.
Once the platform provides user behavior insights, as well as its risk scoring mapped to the MITRE ATT&CK framework, the XTND AI assistant summarizes and presents incidents to the analyst with proper context—which may include details such as how often a user engages in a certain behavior, if a specific type of incident is common in this organization or job role, and more—in an easy-to-consume manner, according to Next.
“We realized that this kind of interaction with an AI system is really helpful to streamline, asking for that information and then bringing it forward,” said John Stringer, head of product at Next. “So instead of having to cram lots and lots of information into the incident, what [XTND AI] allows us to do is to be very focused on that information we provide…[and] then allow the interaction with the AI system to bring that additional contextual information through.”
To access XTND AI, analysts can opt-in to the experience if desired, which will then prompt an interface that can describe and break-down the observed activity. The descriptions—which are delivered via Open AI’s ChatGPT model—are armed with extensive expertise in the MITRE framework, ensuring that any information an analyst receives is the right information.
Stringer also noted that Next is interested in developing in-house large language models (LLMs) in the future, all in an effort to optimize even more analyst tasks and detection capabilities.
XTND AI offers value for both junior and senior analyst workflows, according to Stringer. For junior analysts, XTND AI’s contextualization can drive robust understanding of the chain of activity associated with processes such as data exfiltration, therefore encouraging more informed decision-making.
For more senior analysts, who are often responsible for summarizing investigative information, XTND AI can ease the pains of tedious, time-consuming incident descriptions. These analysts can leverage XTND to rapidly generate a summary, edit that description, and share it with crucial stakeholders with greater efficiency.
“At the heart of what we're looking to be able to do here is…to not necessarily replace what the analyst is already doing but make it easier to streamline their day-to-day activity and make sure that they can get more done with the time that they have available,” explained Stringer.
Ultimately, the XTND AI assistant aims to reduce the time to contain (TTC) while positively impacting the time to respond (TTR) to insider threats. The future of XTND AI is even more promising in this regard, with the potential to expand its AI capabilities to further amplify the analyst experience.
“What’s really great about the XTND AI is that it makes it very easy to understand the risk associated with the activity, and then to kind of contextualize that activity, to understand whether it is deliberately malicious or non-malicious,” said Stringer. “This is just the tip of the iceberg…there's a whole bunch of additional things that we can start to apply this to later on.”
To learn more about Next’s XTND AI, please visit https://www.nextdlp.com/.