More than Decorative AI: Identity security that works for you
Colleen Lerch
How big is your security organization? Your analytics and reporting teams? How many members of these teams can independently dive into your identity governance models or privileged data sets, ask the right questions, and interpret the information to address risk without deep knowledge of identity security or Privileged Access Management?
In most organizations, we’ve found security practitioners, SOC analysts, and internal auditors need countless hours to build risk-scoring models, develop advanced identity-related queries, or comb through logs to understand unstructured data and identify issues that may lead to identity-based attacks. That’s if they review the data at all.
What if those teams could be more effective and efficient with AI and advanced automation? And I mean a lot more.
IT and security leaders told us they were expecting to use Artificial Intelligence (AI) to improve identity security. In our recent global survey, 40% said “monitoring and reporting” was their #1 expectation for AI. One-third said “assessing risk.”
We listened.
We’re supporting you with innovative AI capabilities in the Delinea identity security platform, making advanced session recording, auditing, and risk scoring accessible to all.
In the Gartner® Hype Cycle for Digital Identity, 2024, “AI methods can help organizations achieve a manageable, sustainable solution to meet their target outcomes for access administration.” As a brand-new highly beneficial emerging innovation in the Hype Cycle, “AI for access administration is in its infancy, but progressing rapidly in both vendor product availability and customer interest.”
These capabilities deliver immense time savings by proactively identifying anomalies in privilege sessions, reducing dwell time of cyber threats and negative impact on business performance.
Delinea is excited to be recognized as a Sample Vendor for AI for the access administration category
Here’s more detail on how these capabilities in the Delinea platform can help you:
Identify identity and privilege-related anomalies faster
Delinea pioneered privileged session recording, empowering IT and security teams to interrogate events and activities for indicators of compromise and post-event identity forensics. Now, Delinea is saving you time with layers of advanced analytics.
In session recordings, Delinea automatically surfaces early indicators of potential cyber incidents, such as authorization and privilege elevation failures, and unexpected deletions and downloads, that are easy to miss among all the normal events.
This new AI capability brings together the skills and knowledge of multiple experts—IAM and PAM teams, security analysts, detection engineers, incident response experts, your own privileged session history, and patterns across the industry—to do much more than any organization’s internal team can.
AI identifies sessions that experience the most common things that happen when an attacker is attempting a breach
For overworked teams struggling to identify root causes of security incidents and respond effectively, this capability is a game-changer.
So that you don’t have to review hundreds or thousands of recorded privileged sessions, AI identifies sessions that experience the most common things that happen when an attacker is attempting a breach. It takes you directly to the moment in a session recording where the issue occurred.
Once configured, AI-supported session recording gathers data in the background to prompt the AI Large Language Model (LLM). So, the next time you need to conduct post-event forensics or demonstrate your security controls to auditors or cyber insurers, you can save hours putting together a comprehensive, prioritized report.
Prioritize the greatest risks so you can focus your efforts
Delinea customers can gain a comprehensive view of identity-associated risk and prioritize their work to focus on the biggest impact, with AI-enabled risk scoring.
A powerful AI engine automatically analyzes the amount of privilege an individual user has and the accounts they have access to. It reviews activity and discovers threats to their account security to determine a risk score, based on the potential impact of a compromise connected to that identity.
The engine quickly delivers an easily consumable and actionable report, including a risk score and detailed analysis of potential damage, along with summarized recommendations to reduce vulnerabilities and remediate incidents. This is no black box: you can see how the risk score is calculated and tune it to meet your organization’s risk management strategy.
Surface insights by asking questions in natural language
Instead of hunting for pre-defined filters to interrogate, you can ask questions in plain language and get instant access to curated information. You can launch queries ad-hoc directly in your workflow without switching screens.
Just ask: “What privileged accounts are expired” or “What privileged elevation requests have MFA enabled” and AI will surface information. The AI-enabled engine understands what you’re looking for and serves up results in real time, with reasoning to help you understand the context. It will select the right chart, events, segments, properties, filters, and groupings for you automatically. This unique capability guides you step-by-step.
At any point, you can see the underlying structure of the query and refine it. You can also ask follow-up questions to clarify or narrow your results. This is a great way for new users to get familiar with their dataset and analytics.
Delinea maintains an explainable, privacy-centric approach to AI
Our AI development is aligned with Delinea’s longstanding philosophy of transparency and trust. We never want to make decisions for you. You’re always in control.
Delinea’s explainable AI means you can see the logic used and incorporate your own institutional knowledge. You’ll be able to demonstrate your detective and risk-based identity security controls with confidence.
No customer data is used to train third-party AI models. In fact, unlike other solutions on the market, customer query results are never sent to a third-party AI service at all. Analysis is performed securely within Delinea, just as it would be if the user completed it manually themselves.
What’s next for Delinea and AI?
The cybersecurity industry is awash with AI messages, with vendors making claims that are confusing to buyers already struggling to keep up with rapid change.
Our North Star is always focused on usable security—removing the complexity from technology and simplifying the user experience. We’re taking a practical, pragmatic approach to AI in our product development. That means the use cases we’re assessing first are the most urgent requirements and the most painful workflows our customers face.
Coming soon: Conversational AI for “how-to” support
In the near future, Delinea will be making GPT-enabled tech support available to all customers. This AI capability will leverage Delinea’s comprehensive help center documentation, articles, best practice guides, and training materials to deliver instant answers to technical questions.
The future of intelligent authorization
We expect AI-enabled solutions will play a critical role in the identity security landscape and become a vital strategy for cyber resilience as your risk factors change dynamically. Identity security controls need to be hyper-flexible, which is beyond the capabilities of humans to manage. In the future, organizations will only be able to achieve scalable, risk-based identity security with intelligent, automated policies.
Expect to see AI appear in many more places across the Delinea platform in the coming months, with a special focus on helping you prioritize your work to save time.
Gartner, Hype Cycle for Digital Identity, 2024, By Nathan Harris, Ant Allan, 24 July 2024. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and HYPE CYCLE is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
How are organizations leveraging AI in their identity security strategies?