Cybersecurity consulting and MDR firm HoundBytes has launched an automated security analyst designed to replace the repetitive work of Tier 1 SOC analysts.
Named WorkHorse, the solution is described as a tool that easily integrates with an organization’s SIEM system and within minutes it begins transforming raw alerts into fully contextualized information that is ready for Tier 2 analysts. The goal is to cut alert fatigue to zero and reduce case triage time from hours to seconds.
The company says WorkHorse takes a different approach compared to its main competitors — traditional SOAR platforms — by eliminating friction points such as new dashboards, training requirements, new playbooks, and vendor lock-in.
WorkHorse started as an internal project at HoundBytes to solve its own Tier 1 alert overload, but it has now become a standalone solution with its own customer base, roadmap, and funding strategy.
WorkHorse leverages a machine learning algorithm based on a multi-graph approach and is stateless.
“Once it processes the alerts and creates the cases, the data is discarded from memory and waits for the next run or next set of data to group them together,” explained Marius Corîci, co-founder and CEO of HoundBytes. “The algorithm analyzes over 50+ datapoints for each graph where every graph is built from an alert and also enriches the case with everything available, from MITRE tactics to host data, user information, etc.”
The product receives updates based on feedback from customers’ SOCs, as well as the vendor’s own SOC.
Pricing for WorkHorse is determined by the number of alerts processed each month. A flat fee of $3,500 per month applies for up to 10,000 alerts. For over 10,000 alerts, organizations pay per alert on a sliding scale, where the cost per alert decreases as volume increases.
HoundBytes has been bootstrapped to date, but the company says it’s currently preparing for a funding round to accelerate growth.
“The goal is to expand our R&D, and engineering team, deepen AI capabilities, and scale sales operations in Europe, U.S. and Middle East,” Corîci told SecurityWeek. “We’ve already seen strong investor interest because WorkHorse addresses a massive pain point in the SOC world: the Tier 1 bottleneck.”
Related: CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry
Related: CISA Releases Guidance on SIEM and SOAR Implementation
Related: Dropzone AI Raises $37 Million for Autonomous SOC Analyst
