Generative AI is coming to both line-of-business data analysis as well as security, as Cohesity deepens its ties to Microsoft. Data backup and management company Cohesity today announced plans to offer an Azure OpenAI-backed chatbot as both a security analysis tool and line-of-business assistant, along with tighter integration with Active Directory, Sentinel and Purview, as part of an expanded partnership with Microsoft. The chatbot is designed to help with both rapid security analysis and business end-user tasks. In a demonstration given the day before the announcement, Cohesity senior director of systems engineering Greg Statton showed off the former use case by showing a security console with some potential irregularities displayed. Using natural language queries, the system was able to identify users accessing backup systems from unusual IP addresses, as well as describe anomalous behavior in log data. “As we all know, ransomware is not only going after your data, but then it’s immediately trying to attack that backup,” Statton said. “And so I thought it’d be really interesting to take that live log stream data of who’s accessing the backup system and what it is they’re doing, and synthesize it into a very crisp executive summary.” The idea is that the AI system, which is powered by the Azure OpenAI generative AI feature set, uses the provided SIEM information as its main data set. It’s similar to the line-of-business functionality that Statton subsequently demoed, giving the example of a law firm using the AI to search through previous cases for those involving particular types of clients or legal issues. “Through this generative AI hook, I can find out exactly what files [I need] within Cohesity,” Statton said. “So it’s actually going into that data that’s been highly indexed, grabbing those key paragraphs that match my question.” The actual provision of these features to the end user, in the security instance, will be done through Microsoft — the company announced that its DataProtect backup-as-a-service offering will now integrate with Microsoft’s Sentinel SIEM package for quicker reaction to ransomware alerts and incident tracking. Similarly, Cohesity’s data classification platform will tie into Microsoft’s Purview compliance portal for data privacy and discovery. “OpenAI is a tremendous productivity boon in terms of how quickly you can get answers,” said Cohesity CEO Sanjay Poonen. “It’s not just asking about these meaning-of-life questions, they’re asking questions on your data.” Cohesity said that these new features aren’t generally available yet, and didn’t specify a release date. Poonen characterized it as an internal research project that the company is working to turn into a functioning product, and gave a timeline of months or quarters for a full release. Related content news Palo Alto extends SASE security, performance features Palo Alto rolls out Prisma SASE 3.0 to secure unmanaged devices, increase AI capabilities. By Michael Cooney May 02, 2024 3 mins SASE Network Security Networking how-to The logic of && and || on Linux These AND and OR equivalents can be used in scripts to determine next actions. By Sandra Henry-Stocker May 02, 2024 4 mins Linux analysis Cisco-backed startup Corelight raises $150M to expand network security services Corelight aims to boost AI-driven security operations, cloud visibility and detection, and next-generation SIEM platforms. By Michael Cooney May 02, 2024 4 mins Network Security Networking news F5 looks to squelch 'ball of fire' that is application security Updates include security scanning and penetration testing capabilities for web applications, as well as a new container-based web application firewall. By Michael Cooney May 01, 2024 4 mins Firewalls Network Security Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe