Cybersecurity detection automation company Anvilogic today announced a $10 million series A round led by Cervin Ventures. CEO Karthik Kannan says the capital will be put toward scaling and R&D.

In a 2017 Deloitte survey, only 42% of respondents considered their institutions to be extremely or very effective at managing cybersecurity risk. The pandemic has certainly done nothing to alleviate these concerns. Despite increased IT security investments companies made in 2020 to deal with distributed IT and work-from-home challenges, nearly 80% of senior IT workers and IT security leaders believe their organizations lack sufficient defenses against cyberattacks, according to IDG.

Anvilogic is a VC-funded cybersecurity startup based in Palo Alto, California and founded by former Splunk, Proofpoint, and Symantec data engineers. The company’s product, which launched in 2019, is a collaborative, no-code platform that streamlines detection engineering workflows by helping IT teams assess cloud, web, network, and endpoint environments and build and deploy attack-pattern detection code.

Anvilogic is designed to provide improved visibility, enrichment, and context across alerting datasets, enhancing the ability to aggregate, detect, and respond using existing data. The platform provides a continuous maturity scoring model and AI-assisted use case recommendations based on industry trends, threat priorities, and data sources. Using Anvilogic, security teams can visualize suspicious activity patterns and synchronize content metadata for detection and alerting.

Key areas of automation

As Kannan explained to VentureBeat via email, the Anvilogic platform has four key functionality focus areas. The first is automated assessment of state of security, which spans the ability to automatically score a customer’s security readiness with a metric, along with a gap analysis. This capability provides AI-driven prioritization to guide the customer on where to start and when to go deeper, based on criteria such as their industry, the current landscape, peer behavior, available data sources, current gaps, and more.

The platform’s next area is automation of detection engineering, which includes AI-based suggestions for security teams, data sources, a no-code build environment to construct detections, and an integrated workflow for task management and detection deployment. Then there’s automation of hunting and triage, where AI-based correlations of signals produce higher-order threat detection outcomes, which provide the entire story of an alert. Anvilogic auto-enriches alerts based on a hunting and triage framework. The final piece is ongoing learning across enterprises to learn new workflows, patterns, and actions and to provide the entire network better insights and recommendations for detections, hunting, and triage.

“All use cases are connected and have a smooth handoff via a task management workspace, along with baked-in access controls such that the entire detection engineering and hunting/triage process is automated by the platform,” Kannan said. “The user experience is guided by our intuitive and domain-driven user interface, and the maturity score provides users guidance on what to build/deploy and also serves as a tracker of progress and gaps.”

Cybersecurity during the pandemic

Reflecting the pace of adoption, the AI in cybersecurity market will reach $38.2 billion in value by 2026, Markets and Markets projects. That’s up from $8.8 billion in 2019, representing a compound annual growth rate of around 23.3%. Just last week, a study from MIT Technology Review Insights and Darktrace found that 96% of execs at large enterprises are considering adopting “defensive AI” against cyberattacks.

“Our vision is to deliver complete automation to the security operation center (SOC) in the emerging cloud-first world and deliver what we call SOC neutrality. We believe that all logging will be on a distributed cloud warehouse in the future, and there will be even more silos of alerts and workflows (e.g., primary on-premises logging, traditional network workloads, and newer cloud workloads) in the SOC,” Kannan said. “Anvilogic will become the unified security fabric that delivers total end-to-end SOC automation across silos, successfully delivering detection and hunting capability by correlating across workloads, powered by AI, domain-specific frameworks and automation.”

Beyond Cervin, Foundation Capital, Point 72 Ventures, and Dan Warmenhoven participated in 25-employee Anvilogic’s latest funding round. It brings the company’s total raised to date to over $15 million.