SpyCloud adds AI Insights to Investigations, speeds insider and identity threat detection

SpyCloud adds AI Insights to Investigations, speeds insider and identity threat detection

SpyCloud has introduced enhancements to its SaaS Investigations solution, integrating advanced AI-powered insights that mirror the tradecraft of SpyCloud’s seasoned investigators. Building on the foundation of its IDLink identity analytics, this new capability further automates and accelerates complex cybercrime investigations, empowering security operations, cyber threat intelligence, and fraud and risk prevention teams to uncover critical findings faster than ever to combat evolving identity threats, including employment fraud.

SpyCloud Investigations with AI Insights marks a pivotal advancement, extending the capabilities of IDLink’s automated digital identity correlation. Where IDLink excels at expanding the scope of interconnected digital identities, the new AI capability makes the tradecraft and thought process of a veteran investigator accessible to analysts of every experience level.

Within seconds, it pulls together identity exposure data across third-party breaches, malware infections, and successful phishes, as well as patterns of behavior on infostealer-infected devices to generate actionable finished intelligence that points to potential insider threats – malicious, negligent, and compromised.

“SpyCloud Investigations with IDLink and AI Insights offers unparalleled visibility and depth,” said Jacques Chitarra, Samsonite’s Senior Director of Global Security and Privacy. “Insider threat reports now populate in seconds, eliminating the need to chase down endless digital breadcrumbs. This acceleration allows our team to stay focused on the outcomes that matter most.”

According to a recent survey of CISOs and security practitioners conducted by SpyCloud, 56% of organizations experienced an insider threat incident in the past year. One example is the surge in fraudulent North Korean IT workers infiltrating enterprises – a scheme now impacting nearly every Fortune 500 company. These individuals use stolen or fabricated identity data to gain employment under false pretenses, effectively becoming insider threats from day one.

SpyCloud Investigations with AI Insights helps security teams identify these threats faster by connecting identity exposure data with suspicious access behaviors, enabling earlier detection and response with fewer resources.

“By embedding AI into SpyCloud Investigations, we’re empowering security teams to move from reactive investigation to proactive detection,” said Jason Lancaster, SpyCloud’s SVP of Investigations. “This isn’t just faster analysis – it’s finished intelligence that mirrors the intuition of seasoned analysts, surfacing hidden identity risk and building narratives investigators can act on and share with confidence. Our customers can now uncover insider threats with greater speed and clarity, closing gaps that adversaries have long exploited and reshaping how identity threats are mitigated.”

SpyCloud Investigations with AI Insights provides:

  • Enhanced threat analysis: AI Insights, built from SpyCloud’s investigative methodologies, analyzes historical breach, malware, and phishing data, combined with industry-veteran tradecraft, to identify suspicious behaviors and insider threats, allowing organizations to strengthen investigations in seconds.
  • Suspicious pattern detection: Beyond direct correlations, SpyCloud’s AI pinpoints unusual or suspicious identity relationships and patterns that indicate insider threats, sophisticated account takeover attempts, or new forms of financial fraud, often undetected in other investigation solutions.
  • Actionable insider threat signals: By leveraging AI to process and contextualize massive amounts of data, investigators can more rapidly and accurately correlate and attribute exposed identity data to a malicious, negligent, or unwitting insider threat with signals that teams can act on.
  • Optimized investigative workflows: AI-driven summaries with clearly defined signals of risk streamline and shorten investigative processes, enabling analysts of any level of expertise, and regardless of the complexity of an investigation, to focus on the most critical threats and maximize their impact quickly.

“SpyCloud Investigations, now with AI Insights, is designed to think like an analyst – surfacing the right signals in seconds, not hours,” said Damon Fleury, SpyCloud’s Chief Product Officer. “By embedding decades of investigative tradecraft into the platform, we’re enabling analysts of any skill level to operate with greater confidence and precision while accelerating their investigations and gaining faster, clearer insights into identity and insider threats.”


Source link