What are we working on?
Here's a look at our main focus areas right now. It's not quite a roadmap (they're too rigid and create false expectations) but it's our way of sharing what's coming up.
We're excited to share that most of our roadmap features have been successfully completed and are now live! Tenant Interface, Standalone Telemetry Pipes, GenAI Parser, and Fluency Assist Phase 2 are all fully operational. Replay and Fluency Assist Phase 3 are currently in beta testing and will be available soon. We're actively developing Self-Learning Investigations and exploring Automated AI-Responses to further enhance our AI-driven security capabilities. Thank you for your continued support as we build the future of AI-driven security operations.
Replay lets security teams re-experience real cyber incidents by injecting sanitized, timestamped telemetry back into the detection pipeline. It transforms training, tuning, and testing into repeatable, real-time simulations—bridging the gap between hindsight and action. Currently in beta testing.
Phase 3 focuses on AI Responses—actions that modify security controls to address risk. These responses can include actions such as credential refreshing (forcing a re-login and two-factor authentication). Responses may be executed automatically or require human approval. Currently in beta testing.
We're developing a purpose-built LLM to address the gap between basic LLMs and better quality results. Recently updated the closure process to align with Microsoft standards, capturing human analysis in natural language closure. This system learns from each investigation to improve future analysis quality.
We're exploring the best way to incorporate automated responses when security actions are performed. Currently evaluating how to enhance our existing ticket management, investigation, and recommendation systems with intelligent automated responses that can take action based on AI analysis.