Aryaka adds AI-powered observability to SASE platform

Nadkarni explained that Aryaka runs unsupervised machine learning models on the data to identify anomalies and outliers in the data. For example, the models may detect a sudden spike in traffic to a domain that has not been seen before. This unsupervised analysis helps surface potential issues or areas of concern that require further investigation.

Once the unsupervised models identify anomalies, Aryaka then applies supervised machine learning techniques. The supervised models benefit from threat intelligence and security research to determine if the identified anomaly is actually indicative of a security threat. For example, the supervised models will check if the anomalous domain is known to be associated with malicious activity or a command-and-control server. This supervised analysis helps reduce false positives and provide more accurate threat detection.

Aryaka has partnered with a security research firm called Sequretek to help build out the AI Observe service to enhance the supervised models. Sequretek has a team of more than 130 security researchers who are actively tracking the latest threats and threat actor tactics.

Taking aim at SOAR (but just don’t call it that)

Beyond just helping to detect potential network security risks, Aryaka’s AI Observe also provides what it calls zero-touch automation. That feature can be used to enable automated threat mitigation at the network level. 

That type of capability is not new to the industry and is often a core element of security orchestration, automation and response (SOAR) technologies. Nadkarni emphasized, however, that Aryaka really doesn’t want to position itself as a SOAR vendor.

She noted that Aryaka has a full unified SASE approach that integrates multiple controls and potential remediation. That includes the ability to create firewall rules to block certain IPs or even entire domains. “It’s actually just part of the unified-SASE-as-a-service workflow in our view,” Nadkarni said.