
Rubrik, Microsoft Offer Generative AI-Powered Cyber Recovery and Remediation


Rubrik has integrated its Security Cloud product with the Microsoft Sentinel security information and event management (SIEM) solution and Azure OpenAI Service.

The integration enables organizations to use generative AI and natural language processing (NLP) technologies to recover from and remediate cyberattacks, according to a prepared statement.

How the Rubrik-Microsoft Integration Works

The new Rubrik-Microsoft integration builds on Rubrik's existing integration with Microsoft Sentinel, which the companies announced in October 2022.

With the integration, IT and security teams can:

  • Access time-series security data insights in Microsoft Sentinel
  • Automatically create an incident in Microsoft Sentinel based on anomalous activity within Security Cloud
  • Generate code for investigating an incident in Microsoft Sentinel
  • Receive incident response task suggestions to help with incident investigation, response and remediation
  • Utilize large language models and generative AI through OpenAI to automatically create a recommended task workstream in Microsoft Sentinel

The integration lets IT and security teams use the Rubrik Anomaly Detection product to monitor backups as they are ingested and feed data through a machine learning model that tracks file activity and encryption within the filesystem, Rubrik noted. If anomalies are identified, this information flows into Microsoft Sentinel tables, providing IT and security teams with time-series analysis of data.

Meanwhile, the integration uses a custom analytics rule within Microsoft Sentinel that allows IT and security teams to look for anomalous activity discovered by Rubrik, the companies stated. When anomalous activity occurs, an incident is automatically created. This gives IT and security teams a workspace that they can use to analyze and triage an incident.

Furthermore, the integration triggers playbooks within Microsoft Sentinel based on data collected from Rubrik's Sensitive Data Monitoring & Management service, the companies indicated. This information is available within Microsoft Sentinel for IT and security teams to use when they analyze and triage an incident.

The Explosion of Generative AI

Commenting on the integration and how it helps IT and security teams understand, prevent and defend against cyberattacks, Rubrik CEO Bipul Sinha said:

“The explosion of generative AI will catapult us into a new age of cyberattacks – attacks that go far beyond human comprehension... We're thrilled to collaborate with Microsoft and continue to build upon our progressive and longstanding partnership. This is an important step forward as we continue our mission of securing the world's data and helping businesses achieve cyber resilience.”

Rubrik specializes in zero trust data security and helps organizations protect their enterprise, cloud and SaaS applications. The company manages its Transform Partner Ecosystem.

To date, Rubrik has developed integrations with Microsoft, Zscaler and other technology providers.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.