
Latest news with #SIEMs

New AI-Detection Engineering Assistant from Cymulate Automates SIEM Rule Validation for SecOps and Blue Teams

Yahoo

4 days ago

Innovation streamlines threat detection engineering with automated testing, control integrations and enhanced detections

NEW YORK & TEL AVIV, Israel, June 09, 2025--(BUSINESS WIRE)--Cymulate, the leader in threat exposure validation, today announced the release of its powerful new AI-powered detection engineering assistant for security information and event management (SIEM) rule threat coverage validation. Now, the Cymulate Platform automates and streamlines the detection engineering process for blue teams and SecOps, allowing them to build, test and optimize threat detection with AI-assisted live-data attack simulations and customized threat detection.

With this launch, Cymulate eliminates the friction of manual detection validation by automating the correlation and testing process, answering the two most important questions in modern detection engineering: "Does my rule work?" and "What threats does it actually cover?" This enables SecOps and blue teams to identify coverage gaps and tune rules in minutes, whereas previously, mapping detection rules to relevant threats required hours of manual effort, reviewing rule logic, identifying threat coverage and testing scenarios one by one.

By automating the correlation between detection rules and Cymulate attack scenarios leveraging advanced AI analysis, organizations can now ensure their SIEM rules are continuously validated against real-world threats and optimized with precision.

"Detection engineering doesn't have to be complicated, and Cymulate applies AI to help organizations across the globe drastically simplify their process. What once required lengthy back-and-forth between detection engineers and red teamers can now be done in just minutes," said Avihai Ben-Yossef, co-founder and CTO of Cymulate. "As today's threat actors look to exploit security gaps faster and with more sophisticated methods, it's clear that security teams need a continuous focus on threat detection. Cymulate is proud to set the standard for exposure validation, and our new SIEM solution applies the latest AI-driven automation technology to address some of the most complicated areas in detection engineering."

The Cymulate platform now features deeper integrations with SIEMs and AI-powered analysis to map detection rules to its extensive library of more than 100,000 attack scenarios. Cymulate validates SIEM detection rules through live-data attack simulations, which test and validate both detection logic and the collection of logs and events required to support the rule.

The Cymulate Exposure Validation Platform helps SecOps and blue teams:

  • Identify gaps in their detection capabilities before adversaries can go unnoticed
  • Operationalize threat intel to build custom threat validation
  • Understand when and why existing threat detection fails to trigger
  • Accelerate detection tuning with relevant indicators of behavior, pre-built Sigma rules and EDR rules
  • Maximize visibility and coverage across the MITRE ATT&CK® framework

To learn more about the Cymulate Exposure Validation Platform, visit

About Cymulate

Cymulate, the leader in security and exposure validation, provides the single source of truth for threat exposure and the actions required to close security gaps before attackers can exploit them. More than 1,000 customers worldwide rely on the Cymulate platform to baseline their security posture and strengthen cyber resilience with continuous discovery, validation, prioritization, and guided remediation of security weaknesses. Cymulate automates advanced offensive security testing to validate controls, threats, and attack paths. As an open platform, Cymulate integrates with existing security and IT infrastructure and drives the workflows of the exposure management process. For more information, visit

View source version on

Contacts

Media Contact:
Melissa Cifarelli
Account Director
prcymulate@

Elastic unveils AI-powered migration tool for legacy SIEM users

Techday NZ

30-04-2025

Elastic has unveiled a new feature designed to simplify the often complex and time-consuming process of migrating from legacy Security Information and Event Management (SIEM) systems. Known as Automatic Migration, the feature applies generative AI and semantic search to translate and map detection rules into the Elastic Security platform—eliminating the need for manual rule rebuilding.

Announced on 30 April, the capability is intended to reduce the cost, risk, and operational burden for organisations looking to modernise their security operations with Elastic.

"Many security teams are stuck using their inefficient SIEMs due to the significant time and money it takes to transition to a modern solution, with migrating detection rules, dashboards, and other artifacts among the most challenging aspects for migration," said Santosh Krishnan, general manager of Security and Observability at Elastic. "By mapping and translating existing SIEM artifacts, Automatic Migration reduces the cost, complexity, and risk that comes with SIEM migration," he said.

The core functionality of Automatic Migration lies in its ability to automatically map existing SIEM detection rules to Elastic-built rules using semantic search, rather than relying on exact text matches. Where mappings are unavailable, the feature uses generative AI grounded in custom knowledge to translate unmatched rules—along with associated lookups and macros—into functional Elastic queries.

The announcement is part of Elastic Security's broader effort to integrate more AI-powered capabilities into its platform. Automatic Migration joins existing features such as Automatic Import, Attack Discovery, and the Elastic AI Assistant—each aimed at streamlining security operations through automation and machine learning.

This move by Elastic comes as organisations continue to face mounting challenges in scaling and modernising their cybersecurity infrastructure, especially as existing SIEM solutions struggle to keep up with the growing volume and complexity of data. Elastic's approach centres on lowering the technical barriers associated with transitioning SIEM systems, which often involves time-intensive manual processes, including rule rewrites, dashboard configurations, and adapting data pipelines. By automating these critical tasks, the company aims to make the switch to Elastic Security more viable for organisations of various sizes.

Automatic Migration is now available in technical preview for customers on the Enterprise licence tier or those subscribed to the Security Analytics Complete tier of Elastic Cloud Serverless.

According to Elastic, the new capability reflects its commitment to helping organisations "find the answers they need in real-time using all their data, at scale." Elastic's suite of products spans search, observability, and security—all of which are built on its proprietary Search AI Platform.

While the announcement focuses squarely on easing the transition away from legacy SIEMs, the broader context suggests Elastic is positioning itself as a more agile and AI-forward alternative to established security platforms that often require substantial manual upkeep and custom development.

The Automatic Migration feature is expected to appeal to organisations that have been hesitant to abandon their current SIEM investments due to migration challenges. By lowering those hurdles, Elastic hopes to drive broader adoption of its security analytics platform and make advanced threat detection more accessible.

In introducing Automatic Migration, Elastic is targeting a major friction point in enterprise cybersecurity strategy: how to migrate away from entrenched systems without disrupting operations or increasing vulnerability during the transition.

Krishnan added, "Automatic Migration complements Elastic Security's expansive suite of AI-driven security analytics features," reinforcing the company's message that automation and AI are central to its ongoing development strategy.

Elastic joins a growing number of technology vendors using generative AI to tackle practical enterprise challenges, particularly those that demand speed, accuracy, and a deep understanding of context—traits that traditional rule-based systems often lack.

As organisations continue to assess the value and limitations of their legacy security infrastructure, solutions like Elastic's Automatic Migration may offer a compelling path forward for those seeking a more modern, efficient, and scalable approach to SIEM.
