Insight Engines Update Uses NLP, AI for Tightening Cybersecurity

The software uses NLP, machine learning and human knowledge to detect data gaps, ask high-value questions, and give recommendations based on industry intelligence and activities.


Startup Insight Engines claims to be ushering in a new era in cybersecurity investigation. Seeing is believing, so we may want to get a little further into the era to find out if this all works as advertised, but at the moment we’ll take a look at anything new. The security business is like that.

On July 26 the San Francisco-based startup launched the 3.0 version of its natural-language-based information-finding product, which combines two key components aimed at tighter security: Insight Investigator and Insight Analyzer.

These offerings use NLP, machine learning and human knowledge to detect data gaps, ask high-value questions, and give recommendations based on industry intelligence and activities.

Insight Engines 3.0 is designed to provide significantly more proactive, creative and effective information security by enabling anyone to ask questions of its machine data core and get answers and/or insights in seconds.

NLP Fills Void Left by Data Scientists

The natural-language processing approach fills much of the void for companies that are unable to hire data scientists, a job classification whose members are few and far between in the IT world. This is because Insight Engines can find, display and help triangulate various data streams, logs and stores to tell stories that few people are qualified to tell.

“Security teams are mired in systems and approaches that are holding them back from being as effective as they want to be,” CEO Grant Wernick said in a media advisory.

“Companies are throwing a tremendous amount of money at the problem, yet virtually nothing has changed since the Equifax breach a year ago. We have to completely change the game by using machine learning to fuel human intelligence (i.e. knowledge, intuition, and creativity) in investigating and mitigating threats.”

Insight Engines said its latest additions, Insight Investigator and Insight Analyzer, solve three key problems:

  • Organize disorganized log data “landfills”: Renders invisible or obscure data open and transparent, helping analysts know exactly what they have (and don’t have) in their logs.
  • Maximize security teams’ capabilities: Empowers anyone in an organization, not just the highly specialized technicians who are in short supply, to ask questions of their data and get timely answers.
  • Augment human intelligence (HI) to help analysts ask better questions: Analyzes and distills industry trends and activities to provide smart recommendations for questions and deeper avenues of investigation.

Insight Investigator uses patented natural language processing (NLP) so security analysts of all levels can ask questions of their machine data through English-language search, instead of learning highly specialized and complex query languages. This enables organizations to discover the value of their machine data by asking intelligent questions that go beyond traditional static security frameworks and raw searching, both of which are time-consuming and likely incomplete.

Enterprises Must Know What Data They Have First

Before analysts can ask questions of their data, however, they first need to know what data they have. This is a persistent problem plaguing most organizations. Insight Analyzer enables customers to understand what data they have, how it’s organized and what questions that data can and cannot answer. Insight Investigator and Insight Analyzer are sold as a package, because without some organization, it’s impossible to get accurate answers from data.

Insight Engines’ new product is architected for customers to get the best of both worlds: on-premises security with cloud-enabled intelligence. This means customer data stays local, while the NLP engine and data-health monitoring technology powering the two products live in the cloud.

Customers ask questions that are translated by the company's cloud service into optimal big data queries, which the customer then runs locally on their own data. This secure architecture enables Insight Engines to deliver real-time updates, leave customer source data safe and local, and deliver timely, dynamic recommendations of questions to ask next.

Insight Engines counts as customers several Fortune 500 companies in addition to major government organizations.

Chris Preimesberger


Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 15 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...