March 26, 2024
Abstract Security emerged from stealth with a platform designed to centralize security analytics, speed up detection, and triage alerts so that security analysts can focus on actually managing and resolving security incidents.
The startup, which raised $8.5 million in seed funding, will use its platform to shake up the security information and event management (SIEM) market, says Colby DeRodeff, the company’s co-founder and CEO. There has been a lot of talk about “next-gen SIEM,” but not a lot of focus on addressing the underlying challenge, that the technology could not handle the scale of data being collected, nor deliver actionable alerts quickly enough, he says. Because Abstract Security handles data collection and storage differently, its detection engine provides analysts with alerts much sooner, and at a lower cost, he says.
Abstract Security keeps the security data in data streams and uses machine learning to apply pre-built and user-defined detection rules to find correlations between streams. Using the streaming model helps Abstract avoid latency, lower time to detection and reduce mean time to response, DeRodeff says. Analysts aren’t waiting 45 minutes for the system to index the data before they can interrogate it.