Software is solidifying. While the code structures and architecture beneath our applications and data services are actually “liquifying” in the sense that they are becoming more modular, disaggregated and individually componentized (into finer droplets, so to speak), the IT industry is working hard to solidify the outer surface of our technology to prevent outages, to combat malware and to take arms against a sea of troubles caused by cloud network misconfigurations and so on.
The quest to create more robust software architecture has inevitably drawn on the automation advantages offered by generative AI. Using the massive scope for reasoning and learning offered by AI, we can create software functions that exhibit predictive and causal knowledge in order to protect our IT assets more quickly and more comprehensively.
Aiming to play a part in the solidification processes currently underway is secure data management specialist Cohesity with a new injection of generative intelligence in its core platform. Cohesity Data Cloud now features enhancements designed to manage threat detection, data security posture and cyber recovery. A new “clean room” design environment provides software engineers with a guided incident response wizard so they can move from a position of alert to recovery.
The work to implant more generative AI into its platform complements Cohesity Gaia, a retrieval-augmented generation-based AI solution that the company brought forward at the start of this year.
What Is An IT Clean Room?
The above-noted clean room concept began as a secondary location to run malware scans on business data. In terms of practical usage, a clean room should be implemented as a trusted environment where data and code analysts examine digital evidence related to incidents, breaches, or system events that would broadly be ranked as negative, unwanted and potentially harmful.
“A [clean room] environment is where the security operations team can perform the investigatory steps needed to understand how an attack happened without the attacker being able to eavesdrop on the investigation. Building a timeline of the incident allows them to devise a recovery plan that eradicates the threat and helps prevent reinfection in the future. After the data is proven to be clean in this isolated environment, it can be moved to a staging area for testing to ensure that functionality is not lost before going back into production,” explained Chris Hoff, senior product marketing manager at Cohesity.
According to a World Economic Forum 2024 outlook report, around a third of business executives think that skills gaps are the main challenge they face in achieving their IT system resilience goals. With budgets always a challenge and the spectre of waning skills failing to keep pace with the speed of AI being used for negative purposes, it is perhaps obligatory for organizations to use this same breed of technology for the greater good – and this action is of course what Cohesity is trying to champion.
Fighting Fire With Fire
“Threat actors are increasingly relying on AI to not only create more sophisticated attacks, but to also increase their volume drastically,” said Craig Martell, chief technology officer, Cohesity. “We’re giving users the tools to fight fire with fire, helping them take on these threats to their environment and move on from them quickly, ensuring business goes on as usual. The enhanced cyber recovery assistant and clean room design will make our customers more resilient and we’re continuing to innovate more responsible, AI-powered capabilities to the Cohesity Data Cloud.”
Cohesity says its clean room design provides a trusted and proven foundation that speeds incident recovery and augments investigations by IT teams while minimizing the risk of secondary attacks. The modular design helps isolate the attack or breach and provides several native capabilities to support the IT department’s needs in the clean room investigation.
The company has also enhanced its AI-powered recovery assistant tool. The tool uses security context as the input stream for generative AI and complements this with multiple sources, including threat hunting scans, ransomware detection, and data risk and posture, so that users can receive an alert to flag anomalous behavior. They are then able to have a conversation to assess the impact of the anomaly, correlate events and get direction on the right next steps for investigation and any remediation that could be needed – all from within the software “wizard” without the need for a specialized professional to be present or contacted.
Software’s Liquid Evolution
Coming back to our initial analogy here, software is experiencing a liquefaction due to the amount of precipitation that flows throughout cloud networks, whose composable and virtualized structures decrease the size of the molecules now forming the actual compute clouds themselves. Fighting (AI) fire with fire as we attempt to channel our watery IT streams into the right place might sound rather elemental, but it is arguably what we need to do in order to keep our feet on solid earth.