
Introduction to Arcanna

What is Arcanna?

Arcanna is a platform for delivering decision intelligence. It augments Security or Network Operation Center analysts in dealing with incoming alerts by increasing analyst efficiency in decision-making. Arcanna continuously learns from your experts, using an innovative method for integrating expert knowledge into deep neural nets that combines a continuous human feedback-loop, Natural Language Processing and deep learning.

Our platform augments analysts' decisions with AI models that encode knowledge from the existing processes across the entire security team, and uses those models to predict future decisions, increasing efficiency in decision-making.

Deep learning

For the deep learning aspect, we formulate the problem of alert triaging as a classification task in which a given corpus of alerts is flagged by experts as either true positives (alerts of interest to the SOC team for further investigation or resolution), false positives (noise) or any other class defined by the user.

Using Neural Networks (NN) and Natural Language Processing (NLP), alerts are processed by taking feature-level context into consideration for more dynamic analysis.

Decision intelligence

Based on the model’s decision, Arcanna will help network or security teams to streamline their day-to-day processes, assisting with various activities: alert handling, incident creation, threat intel collection, notifications, yarn or even improved remediation.

Continuous human feedback-loop

The backbone of Arcanna's innovative approach is the way it enables users to directly and efficiently influence the deep learning algorithm.

As alerts are processed and the algorithm classifies them as either false-positive or true-positive, users are presented with these results and can either change the classification or leave it as decided by the algorithm.

As users give more feedback, the model will improve and adapt to the particularities of the ecosystem in which it runs, becoming a virtual member of your security team that encompasses the knowledge of all your experts.