Why Liquid Software Needs a Harder Way to Handle Data

Software is solidifying. While the code structures and architecture beneath our applications and data services are effectively “flowing” in the sense of becoming more modular, distributed, and individually componentized (into smaller droplets, so to speak), the IT industry is working hard to solidify the outer surface of our technology to prevent failures, combat malware, and address the sea of ​​issues caused by cloud network misconfigurations, and so on.

The drive to create more robust software architectures has inevitably drawn on the automation benefits offered by generative AI. By leveraging the vast scope of reasoning and learning offered by AI, we can create software functions that demonstrate predictive and causal knowledge to protect our IT assets faster and more comprehensively.

Aiming to play a role in the ongoing consolidation efforts, secure data management specialist Cohesity is adding a new dose of generative intelligence to its core platform. Cohesity Data Cloud now features enhancements designed to manage threat detection, data security posture, and cyber recovery. A new clean room design environment provides software engineers with an incident response wizard to help them move from preparedness to recovery.

The work to introduce more generative AI into the platform complements Cohesity Gaia, a search-based and augmented generation AI solution the company introduced earlier this year.

What is an IT clean room?

The above clean room concept started as a secondary location for conducting malware scans of business data. In the context of practical application, the clean room should be implemented as a trusted environment where data and code analysts examine digital evidence related to incidents, breaches, or system events that would generally be classified as negative, undesirable, and potentially harmful.

“The (clean room) environment is a place where the security operations team can perform the investigative steps needed to understand how the attack occurred without the attacker being able to eavesdrop on the investigation. Building a timeline of the incident allows them to develop a recovery plan that eliminates the threat and helps prevent future re-infection. Once the data has been proven clean in this isolated environment, it can be moved to a staging area for testing to ensure functionality is not lost before returning to production,” explained Chris Hoff, senior product marketing manager at Cohesity.

According to the World Economic Forum 2024 outlook report, about a third of business executives believe that skills gaps are the top challenge they face in achieving IT resilience goals. With budgets always a challenge, and the specter of declining skills failing to keep up with the pace of AI’s negative uses, perhaps organizations need to use the same technology for the greater good—and that’s of course what Cohesity is trying to promote.

Fighting fire with fire

“Threat actors are increasingly relying on AI to not only create more sophisticated attacks, but also dramatically increase the volume of those attacks,” said Craig Martell, Cohesity’s Chief Technology Officer. “We’re giving users the tools to fight fire with fire, helping them confront and recover from threats to their environment quickly, ensuring business can continue as usual. Our enhanced Cyber ​​Recovery Assistant and Clean Room design will make our customers more resilient, as we continue to innovate more responsible, AI-powered capabilities in the Cohesity Data Cloud.”

Cohesity says its clean room design provides a trusted, proven foundation that accelerates incident recovery and extends IT teams’ investigations while minimizing the risk of secondary attacks. The modular design helps isolate an attack or breach and provides several native capabilities to support IT’s clean room investigation needs.

The company has also improved its AI-powered recovery assistant tool. Using security context as an input stream for generative AI and supplementing it with multiple sources, including threat scanning, ransomware detection, data risk, and posture, users can receive alerts to flag anomalies. They can then engage in conversation to assess the impact of anomalies and link events, and get guidance on the appropriate next steps in investigation and any necessary remediation—all from a software “wizard” without the need for a dedicated professional to be present or in touch.

Smooth software evolution

Returning to our initial analogy, software experiences condensation due to the flow of precipitation that takes place in cloud networks with their foldable and virtualized structures that reduce the size of the particles that now constitute the actual computing clouds themselves. Fighting fire (AI) with fire as we try to direct our watery IT streams to the right place may sound rather elementary, but it is probably what we need to do to keep our feet on solid ground.