Sweet Security Unveils Patent-Pending LLM-Powered Detection Engine

Tel Aviv, Israel, January 15th, 2025/CyberNewsWire/--Sweet Security a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. This innovation enhances Sweet's unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%. Sweet uses advanced AI to help security teams navigate complex and dynamic environments with improved precision and confidence.

Detection of Unknown Unknowns

The introduction of Sweet’s patent-pending LLM technology transforms its ability to identify previously undetectable threats. By evaluating cloud variables and anomalies in real-time - and adapting the findings to the nuances of the particular cloud environment - Sweet’s cloud detection engine is capable of uncovering zero-day attacks and "unknown unknowns" — threats that have not been introduced or published to the world. This eliminates the need to predefine what constitutes abnormal or malicious behavior and streamlines the differentiation between unusual activity and actual attacks.

Fast Validation/Vindication of Findings Through Incident Labels

Sweet’s patent-pending LLM-powered cloud detection engine excels at distinguishing between "weird" but benign anomalous activity and genuine threats. Each incident is labeled as either “malicious,” “suspicious,” or “bad practice,” indicating whether the anomaly is indicative of an attack and requires further attention from SecOps or is an unusual but legitimate activity that needs to be reviewed by DevOps.

Security teams can eliminate false positives, streamline workflows, and focus their attention where it matters most. The result is unparalleled operational efficiency and reduced alert fatigue.

Actionability at Scale

To ensure maximum usability, the new capability delivers actionable insights through:

●       Immediate mapping of “danger zones” in the environment through an intuitive heat map

●       Clear incident labeling, providing context and clarity for security analysts

●       Identification of relevant problem owners within the organization, streamlining incident response

This approach improves response times while promoting collaboration and accountability across teams.

Scaling Application Detection and Response (ADR)

In dynamic cloud environments, Sweet’s patent-pending LLM-powered cloud detection engine enables scalable Application Detection and Response (ADR). It does so by cross-correlating potential attack patterns with extensive application data to identify the 'smoking gun'—those elusive signals in the data that are indicative of an attack. This capability brings clarity and precision to applications where the sheer volume of data would overwhelm rule-based approaches.

Increased Certainty for Security Teams

With the introduction of this capability, Sweet continues to deliver on its mission to provide clarity and control for cloud environments. By reducing noise, enhancing detection accuracy, and empowering actionable insights, Sweet increases certainty within security teams, enabling them to operate with confidence in even the most complex cloud landscapes.

“This new capability is a game-changer for cloud security,” said Dror Kashti, CEO of Sweet Security. “By harnessing the power of LLMs, we’re not only reducing detection noise to near-zero levels but also providing security teams with the tools they need to act swiftly and decisively. This is a major leap forward in our commitment to delivering unparalleled detection and response for the cloud.”

Sweet Security is dedicated to protecting customer privacy and adheres to strict privacy standards by processing data securely and responsibly.

About Sweet Security

Sweet Security is the leading provider of Cloud Native Detection and Response solutions. Powered by comprehensive runtime insights and behavioral analytics, Sweet’s unified platform correlates data across application, workload, and cloud infrastructure to deliver best-of-breed real-time detections, as well as vulnerability management, identity threat management, and runtime CSPM.

By analyzing baseline behaviors across different entities and utilizing its LLM-powered detection engine, Sweet reduces cloud detection noise to 0.04%, helping organizations hit a benchmark of 2-5 min MTTR for all incidents. Privately funded, Sweet is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures, and an elite group of angel investors.

For more information, users can visit http://sweet.security.

Contact

VP of Marketing

Noa Glumcher

Sweet Security

noa@sweet.security