Open Systems Buys Tiberium to Automate Security on Microsoft
British MSSP Uses Microsoft to Automate the Handling of Basic Security Alerts
Open Systems has purchased an early-stage Microsoft-centric MSSP to help automate investigating, triaging and responding to basic security alerts.
The Silicon Valley-based MDR provider says its acquisition of U.K.-based Tiberium will free up security analysts to focus on preventative defenses such as threat hunting rather than having to wade through alerts in the SOC, according to Tiberium CEO Drew Perry. By dealing with the onslaught of Level 1 security alerts and weeding out the false positives, Tiberium ensures alerts are dealt with in seconds rather than hours.
"Even though we had a very, very similar vision, we each started building out that vision from different points," says Open Systems Chief Product Officer Tom Corn. "We were both trying to go to the same destination. But there were a lot of complementary pieces and elements that Tiberium had built that we had yet to tackle, and the parts that we have tackled, the Tiberium team had yet to tackle."
Terms of the deal, which closed Nov. 22, weren't disclosed. All 15 Tiberium employees will join Open Systems, and Perry will become the company's chief innovation officer to drive Open Systems' product road map and vision. Tiberium launched its core service and product in March 2021 and has added 20 managed service customers over the past 21 months, according to Perry.
The Union of Automation and AI
Open Systems' investments around the Microsoft security ecosystem have focused on leveraging artificial intelligence to more effectively investigate alerts that are real and can't be addressed through automation. The company has a dedicated team of data scientists focused on understanding the behavior of defenders and determining which systems and processes can be automated, Perry says.
The company intends to bring Tiberium's automation and Open Systems' artificial intelligence together onto a single platform that's scalable and allows for global growth, Corn says. Open Systems will launch the first big elements of its integrated platform with Tiberium in the next several months to help reach the company's aggressive growth plan for next year, according to Corn.
Both Open Systems and Tiberium have standardized on Microsoft tools, including the Sentinel SIEM offering, Teams collaboration, and Defender threat prevention, detection and response technology, because of Microsoft's cloud-native capabilities, ease of integration and deployment, and ability to automate things at scale, Perry says. Midmarket customers are increasingly relying on Microsoft tools.
"A lot of people think Microsoft is only for protecting Microsoft capabilities and products, but that's not the case anymore," Perry says. "We can do the same powerful stuff across Linux, across Apple devices and even multi-cloud. We're protecting AWS and Google Cloud as well, with Azure and Microsoft at the heart of that."
The Need for Speed
From a customer standpoint, Tiberium has almost exclusively served customers in the United Kingdom and Open Systems has supported multinational companies with headquarters across North America and Europe, Corn says. Open Systems' customers span industries from financial services and manufacturing to legal and pharmaceutical, and range in size from a few hundred seats to 60,000 seats, Corn says.
As far as metrics are concerned, Corn anticipates the Tiberium acquisition will help Open Systems resolve incidents 25% faster and strengthen the data science team's work around the analyst workbench and customer portal. Further, the combined company's use of analytics and artificial intelligence should ensure data is being used to guide Open Systems' decision-making, according to Perry.
"We need to think about this not just purely in terms of reactive detection and response, but also in terms of prevention," Corn says. "Nothing is faster than avoidance. But they can't be silos with proactive prevention here and detection and response there. They really have to work together. They play off each other in an integrated cycle. And that's how both of us have been trained to think about this."