- ReaQta unveils a brand new user interface and alert recommendations, as part of ReaQta-Hive’s autonomous alert management system: Cyber Assistant
- A reporting refresh brings new customization and automation capabilities for greater ease-of-reporting
- New features include a new threat hunting API and the ability to forward alerts to a user’s own (syslog) server
Amsterdam, The Netherlands, Jan 6, 2022 – ReaQta, an IBM company, today announced the latest version of its Autonomous Detection & Response Platform: ReaQta-Hive 3.7.
New features include:
Brand new Cyber Assistant UI & Alert Recommendations
Cyber Assistant is an autonomous alert management system that is part of the ReaQta-Hive platform. It alleviates analyst alert fatigue by reducing false positives by more than 80%. Cyber Assistant now offers recommendations to security analysts via a brand new graphical interface.
In addition, it can be configured to perform more automated actions, like:
- Changing impact scores
- Automatically closing false positives
- Whitelist creation
In order to make alert handling easier for analysts, recommendations will now be displayed alongside other crucial information e.g a list of similar incidents observed in the past.
As Cyber Assistant automatically learns and applies the decision-making process of its users, recommendations will be adjusted accordingly once an analyst changes the status of an incident (e.g., from malicious to benign).
Analysts are automatically warned by Cyber Assistant when incidents are closed in a way that contradicts their past decisions. This feedback flags inconsistencies in the classification of similar alerts across analyst teams.
Recommendations will also be displayed when alerts are being closed.
Reporting Refresh: Customization and Automation
ReaQta has substantially improved the useability of reporting features, with a special focus on MSSP installations. All reports now support adding a custom logo in the masthead, so that MSSPs can keep their branding at the front and center of their clients’ minds.
Secondly, reports can also be configured to automatically email PDF copies to stakeholders, saving analysts the tedious task of manually exporting reports according to a pre-agreed schedule.
Finally, the alerts section now offers support for tag-based filtering and enables curated lists of the most relevant alerts.
Threat Hunting APIs
Multi-tenancy APIs have been offered since our previous release. We’re happy to announce that a third party API for threat hunting functionalities is now available in 3.7.
Experience a new world of possibilities for threat hunting capabilities. Security analysts can now create their own applications to search through the events of ReaQta-Hive.
Forwarding alerts to your own (syslog) server
In order to effectively help organizations reach their compliance goals e.g creating their own backup of all alerts, analysts will now be able to forward alerts from the Hive Dashboard to their own server.
Analysts will also be able to collect ReaQta-Hive alerts in their own SIEM or centralized log platform.
With this new release, export rules can also be created for each client if there is an MSSP installation. Alerts can be forwarded in three different formats: syslog, CEF, or JSON.
For additional insights into the new release or to see a product demo, please contact Elizabeth Lee (email@example.com). For more information about ReaQta, an IBM Company, and ReaQta-Hive, please visit www.reaqta.com
Note to our customers: A representative will get in touch with you for the upgrade.
About ReaQta, an IBM Company
ReaQta, an IBM company, is a top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts and AI/ML researchers. Built with advanced automated threat-hunting features, ReaQta allows organizations to eliminate the most advanced threats in real-time. As experts in AI and behavioral analysis, ReaQta’s proprietary dual-AI engines provide organizations across all industries with autonomous, real-time and fully customizable endpoint security, minus the complexity. As a result of automation coupled with intuitive design, ReaQta’s customers and partners benefit from performance improvements and are now able to manage and secure more endpoints without the need for highly skilled staff. For more information, visit https://ReaQta.com