Dutch MSSP DTX Drives to SOC Excellence with Conifers CognitiveSOC

Dutch Technology eXperts is a close-knit team of security professionals who continually strive to produce optimal results for their customers.

An MSSP, DTX offers a managed detection and response service that helps their customers stay ahead of attackers by reducing attack surfaces, strengthening weak points and improving and preventing unsafe behavior.

Celebrating over 25 years of success, DTX continues to broaden its scope of service, always with an eye towards expanding its services efficiently and at a competitive price.


Customer

Rutger de Boer, CTO, DTX

Need

An AI-driven approach to advance SOC services

Solution

With Conifers.ai, DTX can increase the quality and accuracy of its offerings and stay ahead of the speed of adversaries’ attacks.

Leveraging Technology to Advance SOC Services

As attackers and threat actors continue to leverage AI to accelerate their efforts, DTX wanted to leverage the power of AI to stay ahead of the escalating sophistication and speed of these attacks, as well as provide the foundation to grow their business.

Specifically, DTX needed to:

  • Increase both effectiveness and efficiency in detecting attacks as well as increase detection coverage. DTX knows exactly how much time an analyst spends on each ticket and can measure increased effectiveness and speed.
  • Increase consistency and accuracy in handling alerts — humans performing repetitive tasks can decline in both areas, but AI will handle the last case the same as the first one.
  • Offload SOC tasks and reallocate resources to scale more efficiently and expand offerings. 

Options Considered
ML, SOAR, "Build vs Buy," Adding Analysts

To solve their SOC and business challenges, DTX considered several options that used machine learning models, statistical analysis, and predictive analysis. But none of these on their own were granular enough to find false positives and true negatives.

They assessed adding more SOC analysts but that was just putting a bandage on the pain and not solving root causes. Plus, doing so was counter to the company’s goals of efficient expansion. DTX also considered solutions from SOAR providers but realized that, instead of gaining efficiencies, they would need to increase their engineering headcount to maintain these tools and see limited value from them. The company knew it needed to implement a more AI-driven approach.

As many technology companies with a staff of talented engineers do, DTX first considered building a solution in-house. But they recognized this wasn’t the right use of their resources: they couldn’t pursue this option and build a solution at scale, with security and privacy, without adversely affecting their high-touch commitment to customers. It was better to buy than build. As Rutger de Boer, CTO of DTX, said, “While we could have built an AI-based solution in-house, AI for cybersecurity is a very different ballgame — you have to get it right. It’s far too complex.”

So they looked for a smart AI-based solution that would be a fraction of the cost of building in-house.

Using Conifers.ai to Achieve SOC Excellence and Expand the Business

DTX chose and implemented the Conifers.ai CognitiveSOC platform to address their SOC and business challenges. The Conifers CognitiveSOC platform leverages the smart use of data science and AI to achieve SOC excellence, and to demonstrate real, measurable value.

Innovations and capabilities include:

  • Ability to ingest and apply specific institutional knowledge for every tenant, enabling deep contextual investigations beyond just triaging
  • Ability to offer support for a wider portfolio of technologies
  • Centralized tenant management
  • Comprehensive, relevant detection coverage
  • Ability to investigate these detections quickly/at scale
  • Ability to work with existing tools and portals; no need for disruption

Enhanced Services, Expanded Offerings, More Efficiency with Conifers

Implementing Conifers CognitiveSOC has enabled DTX to expand its offerings and business, and by leveraging Conifers’ smart AI approach, DTX can increase the quality and accuracy of its offerings. Additionally, with the power of smart AI, DTX is able to stay ahead of the speed of adversaries’ attacks.

According to Rutger, “the Conifers.ai platform has enabled us to efficiently integrate AI capabilities into our SOC, leveraging our existing tools, processes, and procedures while continuously delivering increasing value. Its ability to manage dozens of tenants, each with its own baseline and customer-specific knowledgebase, has significantly improved the quality of our operations, reducing investigation times in a way that’s both efficient and effective.”
