Building AI Investigator with Amazon SageMaker: Enhancing Customer Experiences with eSentire’s Generative AI Solution

In the fast-evolving landscape of cybersecurity, it is essential for organizations to stay ahead of sophisticated cyber threats to protect their data, applications, and users. eSentire, an industry-leading provider of Managed Detection & Response (MDR) services, is at the forefront of providing cutting-edge security solutions to over 2,000 organizations globally across more than 35 industries.

One of the recent innovations from eSentire is the development of AI Investigator, a natural language query tool that leverages AWS generative artificial intelligence (AI) capabilities to allow customers to access security platform data seamlessly. This tool not only enhances the customer experience by providing immediate and accurate responses to complex security queries but also improves the efficiency of eSentire’s Security Operation Center (SOC) analysts by accelerating the investigation process.

The use of Amazon SageMaker played a crucial role in the development and deployment of AI Investigator. By leveraging SageMaker’s capabilities, eSentire was able to build and train their own large language model (LLM) using Llama 2 foundational models, enabling them to provide private and secure generative AI interactions to their customers. Additionally, SageMaker’s integration with other AWS services such as Amazon API Gateway, Amazon ECR, and Amazon DynamoDB facilitated the seamless deployment and monitoring of AI Investigator.

The results of implementing AI Investigator have been significant for eSentire and its customers. With over 100 SOC analysts and 100 customers already benefiting from the tool, eSentire has seen a substantial reduction in the time taken to answer security data exploration questions, saving thousands of hours collectively. The tool has not only enhanced the customer experience but has also improved the efficiency and effectiveness of security investigations.

Looking ahead, eSentire continues to innovate and evolve its AI solutions to stay ahead of evolving cyber threats and provide its customers with best-in-class security services. The development of AI Investigator is a testament to eSentire’s commitment to delivering differentiated customer experiences through continuous improvement in security investigations and customer communications.

Overall, the collaboration between eSentire and AWS, combined with the innovative use of AI technologies, has resulted in a powerful solution that is driving meaningful outcomes for organizations seeking to enhance their security posture in an increasingly complex threat landscape. With AI Investigator, eSentire is setting a new standard in the realm of cybersecurity, empowering organizations to anticipate, withstand, and recover from cyber threats effectively.