Rubrik has integrated its Security Cloud product with the Microsoft Sentinel security information and event management (SIEM) solution and Azure OpenAI Service.
The integration enables organizations to use generative AI and natural language processing (NLP) technologies to recover from and remediate cyberattacks, according to a prepared statement.
How the Rubrik-Microsoft Integration Works
The new Rubrik-Microsoft integration builds on Rubrik's existing integration with Microsoft Sentinel, which the companies announced in October 2022.
With the integration, IT and security teams can:
- Access time-series security data insights in Microsoft Sentinel
- Automatically create an incident in Microsoft Sentinel based on anomalous activity within Security Cloud
- Generate code for investigating an incident in Microsoft Sentinel
- Receive incident response task suggestions to help with incident investigation, response and remediation
- Utilize large language models and generative AI through OpenAI to automatically create a recommended task workstream in Microsoft Sentinel
The integration lets IT and security teams use the Rubrik Anomaly Detection product to monitor backups as they are ingested and feed data through a machine learning model that tracks file activity and encryption within the filesystem, Rubrik noted. If anomalies are identified, this information flows into Microsoft Sentinel tables, providing IT and security teams with time-series analysis of data.
Meanwhile, the integration uses a custom analytics rule within Microsoft Sentinel that allows IT and security teams to look for anomalous activity discovered by Rubrik, the companies stated. When anomalous activity occurs, an incident is automatically created. This gives IT and security teams a workspace that they can use to analyze and triage an incident.
Furthermore, the integration triggers playbooks within Microsoft Sentinel based on data collected from Rubrik's Sensitive Data Monitoring & Management service, the companies indicated. This information is available within Microsoft Sentinel for IT and security teams to use when they analyze and triage an incident.
The Explosion of Generative AI
Commenting on the integration and how it helps IT and security teams understand, prevent and defend against cyberattacks, Rubrik CEO Bipul Sinha said:
“The explosion of generative AI will catapult us into a new age of cyberattacks – attacks that go far beyond human comprehension... We're thrilled to collaborate with Microsoft and continue to build upon our progressive and longstanding partnership. This is an important step forward as we continue our mission of securing the world's data and helping businesses achieve cyber resilience.”
Rubrik specializes in zero trust data security and helps organizations protect their enterprise, cloud and SaaS applications. The company manages its Transform Partner Ecosystem.
To date, Rubrik has developed integrations with Microsoft, Zscaler and other technology providers.