Arcanna's Blog

Despite 10+ years of technology promising to solve the alert triage problem, most SOCs are still drowning in the flood. How can AI (not *just* GenAI) finally save the day?

Overwhelmed by cyber threats and data noise? Check out our new blog on the power of autonomous decision-making in cybersecurity. Learn how Arcanna.ai is transforming defense strategies, empowering analysts to make informed choices swiftly.

Human expertise and cutting-edge AI come together to reshape decision intelligence in the SOC. Arcanna.ai mimics human decision through a unique approach pushing the frontier of cybersecurity

In the past, cybersecurity analysts were not nearly valued as greatly as they are today. Increases in the frequency and cost of cyberattacks are skyrocketing the value of

The cybersecurity industry has been struggling with talent retention for years now. The need for niche skills, combined with a talent shortage, makes for the perfect storm of overworked employees.

As a CISO, you constantly deal with improving operational efficiency while keeping costs down. It can be a tricky balancing act, but it is essential to find the right balance if you

In this blog post we'll explore how you can scale your security during periods of high growth for your organization

In this blog we'll be looking at more proactive defensive and preventative activities via robust use cases

We’ll be looking at the top 5 examples of use cases that will focus on the active and incredibly malicious use cases seen in security threat management and negation

Following our first blog, we look at another five common cybersecurity attacks and how SOAR can help address them

In this post we will look at some of the most common cybersecurity attacks how they can be addressed using SOAR

Anomaly detection is one application of machine learning that can be used in cybersecurity. However it comes with certain challenges that need to be overcomed.

Given the necessity of analysts, organizations and CISOs need to be creative in recruiting, hiring, and retaining staff. AI-Assisted Cybersecurity can help by leveraging existing talent within the organization and scaling their capacity to handle workloads

The cybersecurity industry is facing a crisis of resources, where the demand for analysts outpaces the supply of talent, and the talent that is available, may not have the necessary skills. In these times it's critical for organizations to retain their existing talent and scale their capacity to address threats

AI for cybersecurity has always been a solution to help address current challenges. However, AI is not, and may never be, at a point in which it can completely take over. Analyst interention is still required in helping the models learn and adapt.

SOC analysts are the key to the success of an organization's security protocols. A hybrid model is required to ensure that valuable data is protected from cyberattacks. Between the flood of alerts, burnout, a knowledge gap, and talent shortage outpacing demand, CISOs need to find solutions to ensure the safety of their SOC

Employee burnout is not a new phenomenon, but it is on the rise today, particularly in the world of cybersecurity. For companies to withstand the onslaught of security threats, they must resolve the burnout problem that is affecting their employees, and they need the right cybersecurity tools to do so.

Security operations teams are under constant pressure to keep up with existing workloads. As the threat of cybersecurity breaches grows, organizations must support and empower their SOC teams with collective cybersecurity knowledge, and AI-Assisted Cybersecurity can achieve that. 

AI-Assisted Cybersecurity is a new approach to security operations, that enables organizations to leverage their current talent pool to keep up with their security workloads

The role of a SOC analyst isn’t an easy one. The job comes with limited resources, staffing shortages, attrition, and immense mental pressure which leads many analysts to think of a career change

Find out how alert fatigue affects your team and how AI-Assisted Cybersecurity can help reduce it

AI-Assisted Cybersecurity is a tool that works in tandem with your SOC team, harnessing their collective knowledge to analyze threats and streamlines and enhances the work of your SOC enabling organizations to focus on upskilling and retain their analysts

Combine the power of Arcanna.ai with The Hive for a powerful incident handling process to help you improve the security of your business

Find out how Arcanna.ai can help you handle alerts and automate the decision process during triage and integrate with PaloAlto SOAR to streamline the investigation and response process

Elasticsearch shards can be a daunting subject to tackle considering how much of an impact they can have on your cluster. In this article we explain what shards are and how they work and offer some advice on what can be a good practice.

Learn how you can import COVID-19 data into your elasticsearch cluster in order to correlate and analyze the impact of the outbreak with your day-to-day activities

Learn how you can import COVID-19 data into your elasticsearch cluster in order to correlate and analyze the impact of the outbreak with your day-to-day activities

AIOps is on the rise with more and more organizations adopting the technology to cope with today’s operational challenges. However starting an AIOps initiative can be difficult to do. In this article we look at some of the steps you can take for a smooth adoption process.

We live in a world filled with alerts, buzzes, and notifications. Some of these are important, while others are trivial or could be ignored without unpleasant consequences. Our brains naturally develop a system to filter out all the noise and purposefully ignore most of them. The only issue occurs when we miss something that deserved...

Elastic Watcher is a powerful tool that allows among other things for automated alerting. In this blog post we will show how you can use Watcher to quickly get notified of any data loss.

Find out how you can use Google’s Vision and AutoML to extract information from images and further analyze them inside the Elastic stack and possibly leverage that information into a custom built app

With the cybersecurity landscape becoming increasingly complex and dynamic, moving away from a reactive approach to a proactive is critical. Intelscale is an open and scalable threat intelligence solution which enables you to gain insights into cyber attacks and provide faster mitigation

By combining the Elastic Stack together with neural networks we created an automated process for root cause determination which we called ARCANNA (Automated Root Cause Analysis Neural Network Assisted). ARCANNA was created as an open source Elastic plugin which is easy to install and configure

Brute force attacks are among the most used weapons that hackers use to gain control over user or admin accounts and perform disruptive actions. The concept is simple: the attacker tries to guess the password by trying various combinations of characters and the most commonly used passwords.

Now with both RPA and AIOps in the IT landscape I see a lot of confusion around them. Are they the same thing? If not, how are they different? Can they be used together in your infrastructure?

Gartner defines AIOps as, “systems that combine big data and AI or machine learning functionality to enhance and partially replace a broad range of IT operations processes and tasks, including availability and performance monitoring, event correlation and analysis, IT service management, and automation.”