Threat Detection

Introducing the First AI-Capabilities to Instantly Transform Threat Intelligence Into Validated Protections

May 2, 2024
Prelude is excited to announce new, autonomous capabilities that dramatically improve how security teams can effectively process threat intelligence into validated protections.

Malicious actors and legitimate organizations are caught in an escalating war of speed and automation. AI is acting as the accelerant for malicious actors - recently demonstrating the ability to autonomously exploit vulnerabilities by "reading" threat advisories. Organizations, big and small, still rely on manual testing that takes weeks or months per unique threat to coordinate, execute, and remediate. It’s imperative that defensive systems also leverage AI, or they will be quickly overrun. 

Prelude is the first platform that allows legitimate organizations to autonomously update their defenses at machine speed. We leverage your existing threat intelligence to augment your existing XDR and validate that it is secure, in minutes. Organizations no longer have to rely solely on manual testing and remediations that keep them exposed for weeks or months. 

Today, we are excited to introduce three autonomous capabilities within Prelude’s product suite that work together to allow organizations to leverage AI to update their defenses against the latest threats. Prelude Detect now allows any organization to instantly turn their threat intelligence into validated protections.

New Generative Capabilities For Detection & Response Teams

  1. For offensive security teams - introducing the capability to use the output of that threat intelligence to validate the detections through safely mimicking the threat’s behaviors and signatures.
  2. For threat intelligence teams - introducing the capability to turn complex, long threat intelligence documents from any source into standardized, useful output based on normalized attack language. 
  3. For detection engineering teams - introducing the capability to use the output of that threat intelligence to create EDR and SIEM-augmenting detections.
"In my career as a CISO and cybersecurity investor, I've only witnessed a small handful of products as shocking as what Prelude is introducing today" says Steve Ward, Managing Director at Insight Partners. "What Prelude has built totally changes how organizations can react to threats and update their defenses at the speed needed in today's world."

Last week, we wrote a post illustrating the lengthy and complex detection & response process used to assess potential risk against the Volt Typhoon threat. The conclusion? It may take a typical organization hundreds of labor hours (not to mention the stress and time pressure) to produce a limited answer to the question 'Are we protected against Volt Typhoon?'. 

Now, let’s see how this process would work with the new Prelude capabilities we are announcing today

For threat intelligence analysts, Prelude can translate any document into useful actions that can immediately be tested and remediated

Example: Prelude reads, analyzes, and processes a 45-page Volt Typhoon threat intelligence document to begin developing tests and detections for 23 unique threat techniques.

For detection engineers, Prelude can produce high-quality EDR-specific detections

Example: Prelude creates IOAs for several of the techniques based on their variants, and enabling first drafts to be uploaded to CrowdStrike for editing and approval. 

For offensive security engineers, Prelude can produce tests that are ready to validate the defense against the threat

Example: Prelude creates tests for 23 of the techniques, combined into a single threat, that may require editing to make sure its relevant for your environment before running to validate your detection. 

Early Access

All of the capabilities showcased above are currently available in early access to our existing customers. If you’d like to partner with Prelude to accelerate your detection & response function, please contact us

Operationalize your threat intelligence—faster

Prelude evaluates your defenses by rapidly mapping the latest threat intelligence against your control configuration.