Written byChris Bing
A newly launched software product, developed by Arlington, Virginia-based cybersecurity firm Endgame, will provide security operators with personal virtual assistants.
The tool, named Artemis, will be rolled into the company’s larger endpoint detection and response platform, known as EDR, which is currently employed by the U.S. Air Force, among others. Anyone with access to Endgame’s EDR platform will be able to use Artemis.
Artemis will offer analysts security notifications, contextual breach alerts and other actionable features to counter intrusions. The assistant continuously scans a comprehensive dataset collected by Endgame’s endpoint agent, which amasses information on millions of events occurring in realtime across a client’s computer network.
The product will be publicly demoed for the first time at the 2017 RSA Conference in February.
Unlike Siri, Apple’s popular iOS virtual assistant, Artemis has no voice interaction capabilities. It functions more similarly to chat bots used today to “order pizza or get customer service,” a company spokesperson described. For example, an operator can interact with the tool via text-based questions like: “What is suspicious about my network today?”
Artemis is powered by machine learning and natural language processing technologies, which enable it to “anticipate priorities for security teams” and detect patterns in malicious network activity.
“Artemis should be thought of as an assistant to the security analyst as opposed to a sentient being which takes control out of the hands of the operator,” the spokesperson said, “for a given alert or issue, Artemis [will] immediately suggest logical and effective next steps or actions. By preemptively suggesting the most urgent information to the user, Artemis empowers less-experienced Tier 1 analysts to behave at the similar level of sophistication as a Tier 3.”
Once dubbed the “Blackwater of Hacking” by Forbes’ magazine, roughly 25 percent of Endgame’s workforce of more than 100 came to the firm with experience from the U.S. intelligence community.
In early December, Endgame was awarded an $18.8 million U.S. Air Force cybersecurity contract. The deal came almost one year after the publication of a report by the Air Force’s Scientific Advisory Board, which warned of software vulnerabilities in the military’s digital infrastructure.