Overview
These detectors are based on models that use artificial intelligence, such as machine learning (ML) or behavioral analytics, to identify suspicious and anomalous indicators in the log streams.
These AI-driven detectors go beyond traditional rule-based methods by learning from data patterns, adapting over time, and detecting unknown threats or subtle anomalies that static rules might miss.
The platform implements a predictive AI framework with the following key design points:
The system continuously monitors the content of log streams from all sources across all clients. When it detects the characteristics required by a specific model, it automatically initiates training for that model on that particular client.
As a result, SOC analysts are not required to manually intervene to deploy AI-based detection use cases—once a log stream with the appropriate characteristics is integrated, the corresponding use cases are automatically deployed.

Detection models can be composed of multiple AI techniques chained together, rather than relying solely on machine learning or neural networks, as is common in most security platforms.
This approach enables the creation of more complex and effective detection use cases, resulting in a higher level of accuracy and precision in threat detection.