“DarkLight makes it possible for our clients to do more with fewer cyber-analysts."
“DarkLight is using a reasoning engine to harness…human knowledge and automate threat-response tasks.”
“DarkLight has taken a different approach so I think they’re going to be a big challenger...”
Sensing: DarkLight ingests observations from security appliances, network monitoring systems, SIEM, etc. and maps them to a conceptual model of the unified cyber terrain.
Sense-Making: Using the defense and intelligence community's Object-Based Production methodology, DarkLight organizes what is known about the enterprise, the adversary and the observations sensed from the cyber ecosystem, interpreting the data like a human analyst would.
Decision-making: Encoded with the cyber defense experience and analytic tradecraft of human experts, DarkLight's AI emulates the decision-making and course of action selection, increasing the speed and scale of cyber defense.
Acting: With the heavy lifting done, DarkLight orchestrates a programmatic response, using trusted information sharing standards like TAXII/STIX and OpenC2 or by notifying an analyst for further review.
This two-page document is ideal for the Security Analyst, Security Operation Center (SOC) Managers and CISO, and will explain the