Singapore-based cybersecurity provider Group-IB has added new AI abilities to its flagship SaaS offering, Unified Risk Platform (URP), to harden proprietary threat detection and response capabilities.
The platform, which provides adversary and attack path intelligence, has received AI upgrades for three of its six modules-Fraud Protection, Digital Risk Protection, and Managed XDR.
âThrough the implementation of AI modules, our goal is to significantly enhance the efficiency of our customers’ time spent on detection, analysis, attribution, investigations, and takedown processes,â said Dmitry Volkov, CEO and co-founder of Group-IB. âBy leveraging AI capabilities, we aim to streamline and expedite these tasks, ultimately providing more time-effective solutions for our customers and partners.â
The new capabilities are available at launch and can be accessed by users through their existing URP subscriptions.
AI-backed no-code fraud detection
Group-IBâs Fraud protection module has been upgraded with a new AI-powered Fraud Matrix framework that deconstructs and catalogs known MITRE fraud tactics, techniques, and procedures (TTPs). The AI is used for behavioral fraud categorization and turning known schemes into actionable anti-fraud strategies, the company claims.
Additionally, Group-IB now has a no-code, fraud detection rule builder. âThis enhancement allows customers to effortlessly build and test custom fraud detection rules using historical data from millions of sessions,â the company said in a press release. âThis feature reduces false positives and increases the accuracy of anomaly detection to prevent fraud more effectively.â
Group-IB has also expanded its intelligence-gathering network by including real-time news monitoring, indicators of compromise (IOCs) filtering, and extraction capabilities. Threat scanning has also been bumped to include coverage of VPN hosts, DDoS, and augmented phishing attacks.
Computer Vision for brand abuse
The Digital Risk Protection module on URP is dedicated to fighting scams and brand violations, according to Group-IB. To that end, the company has added new AI algorithms within these tools to enhance the detection of impersonation and other brand abuses.
âThe implementation of the large-scale computer vision system has improved the detection rate of unauthorized brand logo usage by 40%, while, at the same time, implementing a three-fold decrease in the neural networkâs training time,â said the company, talking about the algorithms URP uses for detecting logo usage violations.
Additionally, an enhanced AI-infused engine helps in the automated creation of signatures to speed up the detection of typosquatting and illicit use of brand logos, the company added.
Group-IBâs new Smart Abuse Tool helps streamline the takedown process and the content ownerâs request for getting stolen content removed from the internet by automating the drafting of abuse reports, identifying appropriate registrars, and sending takedown requests against IP violations.
MXDR receives AI updates for detection
Within Group-IB Managed XDR, a few AI infusions have been made to strengthen detection visibility. AI is being specifically used to detect evolved attacks and sort remediation alerts.
âA graph-based representation of alerts has been made available for all alert types, including Email, Network, EDR, and sandbox to provide a comprehensive view of potential threats and facilitate incident management,â the company said. âGroup-IBâs malware detonation has (also) undergone a series of AI-driven optimizations to enhance the detection of âmalware-freeâ attacks.â Additionally, URP has extended MXDR functionality to Linux and MacOS systems as well as remediation functionality for Windows EDR. Previously, the module was supported on Windows systems.