November 20, 2024 at 07:59AM
DeepTempo launched Tempo, a deep learning Snowflake Native App, enhancing security productivity and threat detection. Tempo optimizes existing security data lakes, detects anomalies, and provides context for triage. Organizations can save significantly on SIEM costs, with false positive rates below one percent, enabling efficient incident response and log management.
### Meeting Takeaways:
1. **Introduction of DeepTempo and Tempo**:
– DeepTempo launched Tempo on November 12, a deep learning-based application designed for Snowflake platforms to enhance security team productivity and threat detection.
2. **Core Benefits**:
– **Faster Detection**: Organizations can quickly identify attack indicators and emerging threats within their Snowflake environments.
– **Cost Efficiency**: Tempo helps optimize security spending by utilizing existing security data lakes, potentially leading to significant savings.
3. **Technology Overview**:
– **Log Language Model (LLGM)**: DeepTempo developed an LLGM to detect anomalies in network traffic, pre-trained on extensive log data, focusing on event patterns over time.
– **Integration with Existing Data**: Tempo is optimized for Netflow data and seeks partnerships with teams that manage similar logs (e.g., VPC Flow) for further development.
4. **Trial and Collaboration**:
– Security teams can explore Tempo using a sample dataset from the Canadian Institute for Cybersecurity, enabling them to view results in Splunk.
5. **Enhanced Context for Security Responses**:
– Tempo provides additional context for security triage by correlating findings with the MITRE ATT&CK framework and identifying potentially impacted entities.
6. **Log Management**:
– Organizations can retain more logs within Snowflake, using SIEMs primarily for incident response rather than storage, which can lead to substantial cost savings.
7. **Financial Implications**:
– A large financial institution estimated potential savings of several million dollars (up to 45% of SIEM spending) by adopting Tempo, leveraging Snowflake as the primary system of record.
8. **Performance Metrics**:
– Tempo has demonstrated high accuracy with false positive and negative rates under 1% after adapting to different user environments, focusing on deviations from normative activities without needing pre-defined attack patterns.
These takeaways summarize the main points discussed regarding the introduction and advantages of DeapTempo’s Tempo in enhancing security workflows and efficiency within organizations.