Accenture, Microsoft partner on AI-driven cybersecurity


Accenture and Microsoft recently announced the companies would jointly invest in building cybersecurity solutions driven by generative AI — one of many recent partnerships seeking to promote the use of generative AI in cybersecurity tools.

The partnership, announced Thursday, aims to help organizations, including financial institutions, mitigate escalating cyber threats, consolidate technology tools and reduce costs.

Other major players are also deepening their AI-driven cybersecurity partnerships.

Last year, CrowdStrike and Google Cloud announced a partnership focusing on AI-native cybersecurity, including by connecting CrowdStrike's detection and response product Falcon with Google Cloud's secure audit log and telemetry management and analysis product.

Similarly, Palo Alto Networks committed to a "ten-figure, multi-year investment" into Google Cloud, according to a press release from the companies. This investment aims to create AI-powered security platforms that deliver near-real-time security resolution, they said.

Lastly, Zscaler announced that it was working with Nvidia to accelerate its AI-powered copilot technologies for security teams.

Accenture and Microsoft

As part of Accenture and Microsoft's partnership, the companies are looking to modernize security operations centers, automate data protection and AI security, accelerate system migrations, and enhance identity access management.

Security operations centers, or SOCs, monitor security alerts, triage them and come up with risk mitigation strategies.

The speed, sophistication and scale of cyber threats present a challenge to SOCs looking to effectively cut through the noise created by security alerts and focus on risk mitigation.

To address this, Microsoft is looking to combine its service for gathering cybersecurity information and events (Microsoft Sentinel) and its AI copilot for security teams (Microsoft Security Copilot) with Accenture's service for managing systems that detect threats on individual Microsoft computers and servers (Adaptive MxDR for Microsoft).

The ultimate goal of this combination is to give analysts AI-driven tools to investigate threats faster, cut through alert noise and focus on reducing risk and improving the center's efficiency.

CrowdStrike and Google Cloud

CrowdStrike and Google Cloud expanded their partnership to develop their AI-native cybersecurity products and services last year. A core part of this alliance involves powering two services provided by Mandiant, a Google Cloud cybersecurity brand: incident response and managed detection and response services.

Incident response is the structured process a company follows after a cyberattack to identify, contain, eradicate and recover from the breach. Managed detection and response is a service where an external team continuously monitors a company's systems for threats and helps them respond to any identified security incidents.

Under the partnership with CrowdStrike, these Mandiant services will leverage the CrowdStrike Falcon platform, a cloud-native platform that uses AI to protect various parts of a company's digital environment, including endpoints (like laptops and servers), cloud systems, user identities and data.

Palo Alto Networks and Google Cloud

Last year, Palo Alto Networks named Google Cloud as its AI and infrastructure provider of choice. A key aspect of this expanded partnership is enhancing Palo Alto Networks Cortex XSIAM with Google's AI capabilities.

Cortex XSIAM is Palo Alto Networks' AI-powered platform for security operations, designed to help security teams detect and respond to threats efficiently.

By leveraging Google's cloud infrastructure and AI services, including BigQuery (a data analytics service) and Gemini models (large language models from Google), the companies are looking to ensure Cortex XSIAM can scale up in operation to meet the needs of its largest customers while providing near-real-time protection against cyber threats.

The collaboration aims to automate and consolidate various security solutions, leading to faster resolution of security incidents.

Zscaler and Nvidia

Zscaler is using Nvidia's AI technologies to enhance its security offerings, particularly through the development of AI-powered copilot services.

A copilot in this context refers to an AI assistant that helps users, in this case, by providing insights and automating tasks for IT and security operations.

The Zscaler ZDX Copilot is a specific example, designed to monitor digital experiences. This copilot uses Nvidia's NeMo Guardrails and Morpheus framework to process data from Zscaler's Zero Trust Exchange platform.

Nvidia's NeMo Guardrails is software that manages and secures the conversational flow and responses of generative AI applications, ensuring they are accurate, appropriate and aligned with safety policies.

Nvidia's Morpheus framework enables developers to create optimized applications for filtering, processing and classifying large volumes of streaming cybersecurity data.

The Zscaler Zero Trust Exchange platform is a security cloud, handling over 500 billion transactions daily, that securely connects users, devices, and applications based on a Zero Trust security model — i.e., by authenticating every transaction individually.

So, Zscaler ZDX Copilot leverages AI to quickly identify and act on unusual activities and threats that were previously very difficult to spot, with guardrails to ensure that the AI's interactions are accurate, appropriate and secure.
