
Introduction to Arcanna

Arcanna is a platform for delivering decision intelligence. It currently augments the capacity of Security Operation Centers to deal with incoming threats by increasing analyst efficiency in decision-making.

Our platform is a decision intelligence platform that uses AI, more specifically NLP (Natural Language Processing), Deep Learning, and Expert Feedback, to streamline alert handling in Security Operation Centers.

Deep learning

For the deep learning aspect, we formulate the problem of alert triaging as a binary classification task in which a given corpus of alerts is flagged by experts as true positives (alerts of interest to the SOC team for further investigation or resolution) and false positives (noise).

Using Neural Networks (NN) and Natural Language Processing (NLP), alerts are processed by taking feature-level context into consideration for more dynamic analysis.

Decision intelligence

Based on the model’s decision, Arcanna will help the SOC team streamline its day-to-day processes, assisting with various activities: alert handling and prioritization, incident creation and handling, threat intel collection, notifications, or even improved remediation.

Expert feedback

The backbone of Arcanna's innovative approach is how it enables users to directly and efficiently influence the deep learning algorithm.

As alerts are processed and the algorithm makes a decision to classify them as either false-positive or true-positive, the users are presented with these results and they have the option to change the classification or leave it as decided by the algorithm.

As users give more feedback, the model will improve and adapt to the particularities of the ecosystem in which it runs, becoming a virtual member of your security team that encompasses the knowledge of all your experts.
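
The binary classification from the "Deep learning" section and the feedback loop from the "Expert feedback" section can be sketched as follows. This is an added example, not Arcanna's code: it substitutes a small logistic regression over field-tagged tokens for the neural network, and the alert fields, names and labels are constructed for illustration.

```python
import math
from collections import defaultdict

def featurize(alert):
    """Tag every token with its field, so user=svc_deploy differs from host=svc_deploy."""
    return {f"{k}={t}" for k, v in alert.items() for t in str(v).lower().split()}

class AlertTriage:
    """Logistic regression over field-tagged tokens (a stand-in for a neural network)."""
    def __init__(self):
        self.w, self.b = defaultdict(float), 0.0

    def score(self, alert):
        z = self.b + sum(self.w.get(f, 0.0) for f in featurize(alert))
        return 1.0 / (1.0 + math.exp(-max(-30.0, min(30.0, z))))

    def fit(self, labelled, epochs=200, lr=0.5):
        self.w.clear()
        self.b = 0.0
        for _ in range(epochs):
            for alert, y in labelled:          # y: 1 = true positive, 0 = noise
                step = lr * (self.score(alert) - y)
                self.b -= step
                for f in featurize(alert):
                    self.w[f] -= step
        return self

    def is_true_positive(self, alert):
        return self.score(alert) >= 0.5

# Constructed sample alerts with the labels the experts assigned to them.
PS, BF = "powershell encoded command", "failed logins burst"
LABELLED = [
    ({"rule": PS, "user": "jdoe", "host": "ws-114"}, 1),
    ({"rule": PS, "user": "asmith", "host": "ws-207"}, 1),
    ({"rule": BF, "user": "svc_scanner", "host": "srv-scan01"}, 0),
    ({"rule": BF, "user": "svc_scanner", "host": "srv-scan02"}, 0),
]
# New alert: a CI deploy job that trips the same rule as the real incidents.
DEPLOY = {"rule": PS, "user": "svc_deploy", "host": "srv-ci02"}

def feedback_round():
    model = AlertTriage().fit(LABELLED)
    before = model.is_true_positive(DEPLOY)    # the model's own decision
    corrected = LABELLED + [(DEPLOY, 0)]       # an analyst overrides it to "noise"
    model.fit(corrected)                       # retrain with the feedback included
    after = model.is_true_positive(DEPLOY)     # the same job firing again
    return before, after, model.is_true_positive(LABELLED[0][0])

if __name__ == "__main__":
    print(feedback_round())
```

The model first flags the deploy job because it shares the rule text with the real incidents. After one analyst correction it learns that the `user` and `host` context marks the job as noise, while the original incident is still flagged.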