Since late 2017, MixMode has spent time with hundreds of security teams, asking them one simple question: “what is the biggest pain point in your security program?” While we received a variety of answers, one answer came screaming through as a massive, and growing, problem: false positive alerts. False positives are security alerts that do not reflect a real threat.
Why is this such a big problem? Companies, on average, utilize six different security platforms in their cyber security departments. Most of these platforms are “simple alert generators,” as one of our recent interviews with a multi-billion-dollar unicorn revealed. Alerts are warnings that every security team reviews.
The average company spends 395 hours per week chasing false positives, equating to 10 full-time people (McAfee). With a growing number of products that fire alerts and network size increasing, the problem is only getting bigger. To exacerbate this problem, every company is struggling to hire security people (3.3 million unfilled security positions in 2019). We want to allow our customers to focus on more productive and challenging work, rather than the millions of tedious hours they spend reviewing the same false positive alerts that fire day after day after day.
Why hasn’t anyone solved this problem? This is tricky. The fundamental problem is that there is a huge amount of data analysis required to watch a large network, learn its behavior, do continuous baselining and make decisions on activity in real time or near-real time. One could employ a large set of server farms, but the costs would be prohibitive. The industry is currently caught in a tight spot where many firms talk about AI, ML, and predictive analytics. Unfortunately, to date, most of the “AI” is simple rules-based ML that does not learn the context of a network.
The MixMode approach: Third-wave, context-aware AI. When Dr. Igor Mezic came on board in the second half of 2018, we talked about the AI algorithms he has built over the last 15 years while executing projects for DARPA and the DoD. We talked about taking into account the network’s specific behavior in addition to the standard rules that are in place for a typical network monitoring system. For more on our Artificial Intelligence approach, please read our e-book.
We believe that purpose-built AI is what will dominate the business landscape over the next few years. AI will gradually take over monotonous functions for the enterprise in areas like accounting, client service, etc. In our case, our proprietary AI is purpose-built to solve the alert problem for security teams across all of their platforms. Our goal is to work with the security community to improve their daily processes and put them in a more proactive stance.
We also know that we don’t live in the customer’s shoes every day. So we have to keep learning, keep asking questions, keep evolving. It has been an amazing journey in the last year as we put customer insights ahead of everything – and we are passionate about solving this big problem and our customers’ future needs.
Our Mission: Reduce false positive security alerts by 95% across our customer base and, eventually, the industry.
Our Promise: We promise to deliver software that works, that scales, that makes your life easier. Using our solutions, you can focus on productive, proactive projects that move the needle for your business.
Our Passion: Simplicity. Happy Customers.