DTonomy AIR

DTonomy AIR is an AI-based security alerts investigation and Response (AIR) solution designed to enhance the efficiency and effectiveness of security operations. According to the vendor, this platform is suitable for small to large enterprises and caters to a wide range of professions and industries, including Security Operations Center (SOC) Teams, Security Analysts, Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), and Information Technology (IT) Professionals.

Key Features

Intelligent Correlation: According to the vendor, DTonomy AIR utilizes advanced algorithms to automatically detect patterns across all alerts and signals collected from siloed security detection tools, aiming to eliminate manual correlation activities and duplicate false positives.

False Positive Learn Out: The vendor claims that siloed alerts from different security platforms are correlated into cases and prioritized based on aggregated risks, while DTonomy AI learns false positives to potentially save time on tuning detection rules.

Relevant Action Recommendations: The vendor states that DTonomy AI provides personalized recommendations for security response, empowering analysts with actionable investigation, decisions, and recommendations based on specific environment details.

Learn Decision Patterns: According to the vendor, DTonomy learns patterns from senior security analysts' responses, aiming to facilitate faster knowledge transfer and false positive identification, while potentially saving time on manual tuning.

Extensive Alerts Metadata: The vendor claims that DTonomy AIR automatically extracts alert metadata, such as prevalence information and historical statistics, with the goal of enabling faster conclusions and informed decision-making.

Historical Decision Insights: According to the vendor, DTonomy AIR leverages trustworthy AI to learn patterns from historic case resolutions, potentially guiding future decision-making, reducing Mean Time to Resolution (MTTR), and providing reliable decision support.

Open Integrations: The vendor states that DTonomy AIR offers hundreds of built-in integrations, aiming to seamlessly fit into existing analysis workflows, maximizing the ROI of current security investments, and potentially reducing risks by consolidating data from various sources.

SOAR Simplified: According to the vendor, DTonomy AIR's drag-and-drop workflow designer enables the creation of automation without writing code, potentially speeding up the creation of new automated responses and recommending continuous improvements.

Phishing Analysis and Response: The vendor claims that DTonomy AIR for Phishing provides an easy-to-use tool for analyzing and responding to suspicious and potentially malicious phishing emails, automating categorization, and providing playbooks for best practice recommendations.

Vendor Agnostic SOAR Platform: According to the vendor, DTonomy provides a platform for security analysts to achieve orchestration and automation of siloed security tools, supporting integration with over 100 third-party systems and tools, potentially maximizing efficiency and effectiveness.