News

Rubrik and Microsoft Extend Partnership for AI-Based Security

Rubrik announced on Wednesday a further evolution of its partnership with Microsoft with the integration of the security firm's Security Cloud services in Microsoft Sentinel and Azure OpenAI Service.

Rubrik said the partnership will leverage generative AI and natural language processing (NLP) to speed up the cyber recovery processes for Microsoft customers, and builds on the previous integration of Rubrik technology in Microsoft Sentinel.

Mike Preston, Rubrik developer advocate, said that the integration into Azure OpenAI Services will benefit enterprises in the following ways:

  • Streamline Incident Creation to help incident response teams prioritize alerts by automatically creating an incident in Sentinel based on anomalous activity detected within the Rubrik Security Cloud machine learning models.
  • Recommend Task Workstreams by suggesting incident response tasks that will enable IT and security teams to investigate the incident more rapidly while preserving evidence for forensics purposes.
  • Accelerate Cyber Recovery by dynamically generating Kusto Query Language (KQL) syntax for investigating the incident in Microsoft Sentinel, allowing IT and security teams to react swiftly to maintain business resilience.

Preston clarified that Rubrik Anomaly Detection will provide ongoing monitoring of backups, using machine learning to detect file activity and encryption within the file system. It will then identify anomalies and feed the information into Microsoft Sentinel. IT can also access the time-series analysis of data.

Once fed to Sentinel, custom monitoring rules based off the info are created, and an incident workspace for security collaboration will automatically be created if the anomaly is again detected, and suggested immediate actions to address the security issue (generated by Azure OpenAI) will be provided.

This week's announcement is just the latest push by Microsoft to partner in expanding the capabilities of generative AI-related technologies across its ecosystem, and the company says that the partnership with Rubrik will have strong impact on keeping enterprises secure.

"In a time when bad actors are becoming increasingly inventive, organizations must lean on AI to turn the tables on attackers," said Charlie Bell, Executive Vice President of Security, Compliance, Identity, and Management at Microsoft. "Working with Rubrik establishes a counterpoint to the modern threats that our customers are facing and allows organizations to react to incidents more quickly. Through the speed of AI, we believe security defenders will be able to identify and stop attacks faster than ever before."

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured