How U.NEAT Scaled Managed Security Operations Without Compromising on Speed or Quality

Challenges:

• Maintaining personalized, high-quality security services amidst a rapid 300% growth in their customer base
• Traditional, predefined playbooks were time-consuming to create and maintain, and couldn’t keep up with the ever-evolving threat landscape
• Analysts were spending time on low value-add tasks, and losing motivation

Business Impact:

• 27% reduction in the average response time to critical alerts
• 20% less time spent on Level 1 investigations

The Problem: Scaling Security Operations Amidst Explosive Growth

As a Managed Security Service Provider (MSSP) trusted by Europe’s largest companies, U.NEAT is known for offering 24/7 monitoring and highly personalized support across complex and varied digital infrastructures.

But, after experiencing 300%+ growth in their customer base in under a year, the traditional approach of creating and optimizing playbooks became too time-consuming, and false positives were creating extra work for already-busy teams.

Unwilling to compromise on the speed or quality of their service, U.NEAT needed a solution that would:

• Autonomously investigate alerts, without playbooks
• Be easy to set-up and maintain
• Seamlessly integrate with whatever tools they (and their customers) were using
• Offer important context to help busy SOC analysts prioritize their most critical threats, fast

The Solution: Autonomous Alert Investigation With Qevlar AI

Since connecting Qevlar AI to their XDR platform, Sekoia Defend, U.NEAT has been able to increase the speed and accuracy of investigations and reduce time-to-remediation without recruiting a single new analyst.

For every client, U.NEAT determines what data sources to connect to Qevlar AI. Qevlar then autonomously investigates alerts as soon as they’re triggered. Investigation steps are intelligently and dynamically selected, and run 100% independently to turn unstructured data into structured outputs. This includes a dynamic risk score, incident overview, and suggested next steps. The result? Analysts are able to deliver custom reports to customers in record time.

According to U.NEAT’s SOC Manager, Mathieu Schiano, within a day, they saw alerts being more effectively prioritized and valuable enrichment of IoCs. This ultimately helped them maintain a large-scale, personalized managed SOC service for each of their customers.

“We handle security incidents from end-to-end, guaranteeing personalized and effective service for each and every one of our customers. Qevlar AI supports Tier 1 analysts by pre-qualifying alerts and handling tedious tasks that would normally sap their motivation. The comprehensive reports generated by Qevlar AI have also been an important tool in training more junior analysts,"  Mathieu explained.

"We estimate analysts’ workload has been reduced by as much as 20%. The best part? They’re saving time on the things that are indispensable, but of little interest to them.” - Mathieu Schiano, SOC Manager at U.NEAT

“Qevlar AI’s autonomous investigations are secure, fast, and accurate. Importantly, the product leaves room for human action, as its reports are reviewed and validated by SOC analysts,” Guillaume Guilhen, Director at U.NEAT said.

Learn more about Qevlar AI

Qevlar AI acts as an invaluable extension of your SOC team, leveraging the power of LLMs to process large and variable security data streams to perform autonomous and detailed investigations. Our advanced AI models are trained on proprietary and public data, and are fine-tuned and re-trained for continuous improvement.

The platform – which is trusted by MSSPs and enterprises around the world – seamlessly integrates with existing systems, employs advanced techniques for unparalleled threat qualification, and provides in-depth threat assessments within user-friendly interfaces.