's Blog

Autonomous Decisions - Turning the Tables in the Defenders' Favor

Overwhelmed by cyber threats and data noise? Check out our new blog on the power of autonomous decision-making in cybersecurity. Learn how is transforming defense strategies, empowering analysts to make informed choices swiftly.

Decision Making in the Era of AI

Human expertise and cutting-edge AI come together to reshape decision intelligence in the SOC. mimics human decision through a unique approach pushing the frontier of cybersecurity

The Changing Landscape of a Cybersecurity Analyst

In the past, cybersecurity analysts were not valued nearly as greatly as they are today. Increases in the frequency and cost of cyberattacks are skyrocketing the value of

How to Improve Cybersecurity Staff Retention

The cybersecurity industry has been struggling with talent retention for years now. The need for niche skills, combined with a talent shortage, makes for the perfect storm of overworked employees.

CISO's Guide to Balancing Operational Efficiency and Cost

As a CISO, you constantly deal with improving operational efficiency while keeping costs down. It can be a tricky balancing act, but it is essential to find the right balance if you

How to Scale Your IT Security as You Grow

In this blog post we'll explore how you can scale your security during periods of high growth for your organization

Top Five SIEM Use Cases For Threat Prevention

In this blog we'll be looking at more proactive defensive and preventative activities via robust use cases

Top Five SIEM Use Cases For Active Threat Detection

We’ll be looking at the top 5 examples of use cases that will focus on the active and incredibly malicious use cases seen in security threat management and negation

Five Common Cybersecurity Attacks and How SOAR Can Address Them Part 2

Following our first blog, we look at another five common cybersecurity attacks and how SOAR can help address them

Five Common Cybersecurity Attacks and How SOAR Can Address Them Part 1

In this post we will look at some of the most common cybersecurity attacks and how they can be addressed using SOAR

Navigating Anomaly Detection for Cybersecurity

Anomaly detection is one application of machine learning that can be used in cybersecurity. However, it comes with certain challenges that need to be overcome.

Why is there an IT Talent Shortage in Cybersecurity (and how to address it)

Given the necessity of analysts, organizations and CISOs need to be creative in recruiting, hiring, and retaining staff. AI-Assisted Cybersecurity can help by leveraging existing talent within the organization and scaling their capacity to handle workloads

Addressing The Cybersecurity Skills Gap Problem in IT

The cybersecurity industry is facing a crisis of resources, where the demand for analysts outpaces the supply of talent, and the talent that is available, may not have the necessary skills. In these times it's critical for organizations to retain their existing talent and scale their capacity to address threats

Is AI the Future of Cybersecurity?

AI for cybersecurity has always been a solution to help address current challenges. However, AI is not, and may never be, at a point in which it can completely take over. Analyst intervention is still required in helping the models learn and adapt.

The Cybersecurity Headcount Problem: Where is Everyone?

SOC analysts are the key to the success of an organization's security protocols. A hybrid model is required to ensure that valuable data is protected from cyberattacks. Between the flood of alerts, burnout, a knowledge gap, and talent shortage outpacing demand, CISOs need to find solutions to ensure the safety of their SOC

The Cost of Cybersecurity Employee Burnout

Employee burnout is not a new phenomenon, but it is on the rise today, particularly in the world of cybersecurity. For companies to withstand the onslaught of security threats, they must resolve the burnout problem that is affecting their employees, and they need the right cybersecurity tools to do so.

Empower Your Team with Collective Cybersecurity Knowledge

Security operations teams are under constant pressure to keep up with existing workloads. As the threat of cybersecurity breaches grows, organizations must support and empower their SOC teams with collective cybersecurity knowledge, and AI-Assisted Cybersecurity can achieve that. 

Using AI to Leverage Talent in Cybersecurity

AI-Assisted Cybersecurity is a new approach to security operations, that enables organizations to leverage their current talent pool to keep up with their security workloads

Top 4 Reasons Why Analysts Quit Their Jobs

The role of a SOC analyst isn’t an easy one. The job comes with limited resources, staffing shortages, attrition, and immense mental pressure which leads many analysts to think of a career change

How Alert Fatigue Impacts Cybersecurity

Find out how alert fatigue affects your team and how AI-Assisted Cybersecurity can help reduce it

Retaining Your Best IT Analysts, Employees, and Company Knowledge

AI-Assisted Cybersecurity is a tool that works in tandem with your SOC team, harnessing their collective knowledge to analyze threats, streamlining and enhancing the work of your SOC so organizations can focus on upskilling and retaining their analysts

Filtered Incident Response: Arcanna & Hive integration

Combine the power of with The Hive for a powerful incident handling process to help you improve the security of your business

PaloAlto SOAR and Arcanna - a powerful team against cyberthreats

Find out how can help you handle alerts and automate the decision process during triage and integrate with PaloAlto SOAR to streamline the investigation and response process

Elasticsearch – shard optimization

Elasticsearch shards can be a daunting subject to tackle considering how much of an impact they can have on your cluster. In this article we explain what shards are and how they work and offer some advice on what can be a good practice.

Importing COVID-19 data into Elasticsearch

Learn how you can import COVID-19 data into your elasticsearch cluster in order to correlate and analyze the impact of the outbreak with your day-to-day activities

Correlating and enriching COVID-19 data for business use cases

Learn how you can import COVID-19 data into your elasticsearch cluster in order to correlate and analyze the impact of the outbreak with your day-to-day activities

How to start an AIOPS initiative in your organization

AIOps is on the rise with more and more organizations adopting the technology to cope with today’s operational challenges. However starting an AIOps initiative can be difficult to do. In this article we look at some of the steps you can take for a smooth adoption process.

Fighting Alert Fatigue with AIOPS

We live in a world filled with alerts, buzzes, and notifications. Some of these are important, while others are trivial or could be ignored without unpleasant consequences. Our brains naturally develop a system to filter out all the noise and purposefully ignore most of them. The only issue occurs when we miss something that deserved...

Automated notifications for Microsoft account lock-out with Elastic Watcher

Elastic Watcher is a powerful tool that allows, among other things, automated alerting. In this blog post we will show how you can use Watcher to quickly get notified of any data loss.

Image data monetization with GCP and Elastic

Find out how you can use Google’s Vision and AutoML to extract information from images and further analyze them inside the Elastic stack and possibly leverage that information into a custom built app

Intelscale – Threat intelligence at scale

With the cybersecurity landscape becoming increasingly complex and dynamic, moving from a reactive approach to a proactive one is critical. Intelscale is an open and scalable threat intelligence solution which enables you to gain insights into cyber attacks and provide faster mitigation

Elastic Common Schema – talking the same data language

By combining the Elastic Stack together with neural networks we created an automated process for root cause determination which we called ARCANNA (Automated Root Cause Analysis Neural Network Assisted). ARCANNA was created as an open source Elastic plugin which is easy to install and configure

Brute Force Attack Prevention

Brute force attacks are among the most used weapons that hackers use to gain control over user or admin accounts and perform disruptive actions. The concept is simple: the attacker tries to guess the password by trying various combinations of characters and the most commonly used passwords.


Now with both RPA and AIOps in the IT landscape I see a lot of confusion around them. Are they the same thing? If not, how are they different? Can they be used together in your infrastructure?

AIOps – Between early adopters and skeptical mainstream

Gartner defines AIOps as, “systems that combine big data and AI or machine learning functionality to enhance and partially replace a broad range of IT operations processes and tasks, including availability and performance monitoring, event correlation and analysis, IT service management, and automation.”