Vantage IQ Assistant Extends AI Engine into Query Creation

Vantage IQ Assistant Extends AI Engine into Query Creation

Organizations of all sizes and across every industry are adopting AI technologies to transform their businesses and reap the practical benefits of increased efficiencies, optimized resource allocation, and improved products and services. OT networks are especially primed for AI and machine learning applications due to their complexity and the cyclicality of their processes.  

For years, Nozomi Networks has been on the forefront of adopting AI technologies to help protect and secure OT networks from increasing cyberattacks. Recognizing the unique cybersecurity needs in the OT/ICS industry, we built AI-driven algorithms into the Nozomi Vantage platform that can quickly ingest and analyze large volumes of asset data that would be difficult to evaluate any other way. This helps security teams do more with less, by automating the time-consuming tasks associated with reviewing, correlating and prioritizing network, asset, and alert data. Nozomi Networks leverage these AI-enabled capabilities further in Vantage IQ and now Vantage IQ Assistant.

The AI Innovation Continues with Vantage IQ Assistant

With the newly released Vantage IQ Assistant (a new feature within Vantage IQ), we have taken our mission of delivering AI-enabled cybersecurity for OT/ICS environments one step further. While Vantage IQ provides users with predefined queries for insights into what's happening across their environment, the Vantage IQ Assistant feature serves up potential queries when users enter in natural-language keywords questions.  It enables teams to quickly ask relevant questions about their real time data, address urgent issues in the OT environment, and accelerate time to remediation. In essence, Vantage IQ becomes your "AI assistant,” helping your security teams be more efficient.  

For Vantage IQ Assistant, Nozomi Networks leveraged generative AI to gain a better understanding of our back-end database and the query engine. From there, we were able to map the queries to the database so that teams using Vantage IQ Assistant can more easily create the queries that provide insights into their OT/ICS environments.

How Does Vantage IQ Assistant Work?

Vantage IQ Assistant serves up structured questions based on keywords tied to a backend database. For example, if a network administrator enters “assets” and “Mac vendor,” Vantage IQ Assistant will provide a list of relevant questions related to these words and offer other potential questions.  

Here are some examples of the questions that might pop up:  

  • Can you show all my assets having MAC vendor  
  • Can you show all my Sessions that occurred within the last 3 hours, grouped by originating and destination Zones, and provide a count for each group?  
  • Can you show all my Assets grouped by type and generate a pie chart where each slice’s area is proportional to its count?    

In addition to asset information, network administrators or security analysts can easily create queries to gather information on alerts, vulnerabilities, sessions, links, etc. to help address urgent issues and accelerate remediation.  

With Vantage IQ Assistant, there’s no learning curve. Vantage IQ Assistant enables different types of users with different skillsets to ask questions about their real-time data and gain in-depth insights into their OT/ICS environment. For example, a security analyst may be interested in alerts and vulnerabilities. Queries could be created to bubble up alerts with high priority in the last week or assets showing vulnerabilities. Whereas, the network administrator may be interested in seeing the number of sessions in a particular section of the network. Or the MAC assets connected to IP Address In addition, suggested queries can be quickly customized for your needs.    

Another cool feature of Vantage IQ Assistant is the microphone option. A user can enable the microphone in mobile devices or tablets as a hands-free option to ask questions and create queries.

How Can I Access Vantage IQ Assistant?

Vantage IQ Assistant is available for all Nozomi Networks Vantage customers as part of a free, 60-day Vantage IQ trial. We are excited about this new feature and hope that all customers take advantage of the free trial and utilize Vantage to its fullest potential. For customers with Vantage IQ, Vantage IQ assistant is already part of the subscription.  

If you have any questions or need assistance, please reach out to your account team, channel partner or Nozomi Networks representative for support.