-
Equipping threat hunters: Advanced analytics and AI part 1
As cyber threats grow more sophisticated through AI-powered malware, zero-day exploits, and state-sponsored attacks, organizations face an increasing challenge in safeguarding their digital assets. The shortage of cybersecurity expertise and the sheer volume of data to analyze has led organizations to seek a balanced approach to threat detection. This approach integrates the precision of rule-based detection, the adaptability of AI/ML models, and the critical thinking of humans. This article aims to explain the role of each of these elements in threat detection and how their combination forms a strong defense against today’s advanced cyber threats.
This is the eleventh post in our ongoing “The Rise of the Threat Hunter” blog series. To learn more about the series and find previous posts check out our series introduction or read last week’s post “The future of threat hunting”.
Rule-based threat detection
Rule-based threat detection has long been an instrumental tool in cybersecurity and is one of the earlier methodologies for identifying and mitigating threats. Traditionally, this approach involves creating specific rules and signatures for known malware and threats and scanning new data for these predefined patterns. Rule-based detection has evolved significantly in recent years, with systems like the advanced real-time event correlation engine within OpenText’s ArcSight ESM that enable precise threat identification and rapid response based on rules.
The strength of rule-based detection lies in its high interpretability and out-of-the-box usability. The transparency provided by rules simplifies investigations by providing clear connections between alerts and the triggering events. These systems are particularly effective in detecting known threats and can be easily deployed with minimal configuration.
However, rule-based approaches have limitations, particularly in adapting to new and unknown threats. Their rigidity rules involving thresholds can increase false positives, especially when data distributions drift due to organizational changes. Maintaining and updating these systems can also be time-consuming and often requires manual interventions.
AI/ML-based threat detection
Behavioral threat monitoring with AI/ML
Machine Learning (ML) and Artificial Intelligence (AI) are revolutionizing threat detection by using advanced techniques to identify both known threats (e.g., brute force, phishing) and unknown threats (e.g., zero-day exploits). These technologies can be tailored to specific organizations by training on their unique data. ML/AI-based systems use supervised models with labeled datasets or unsupervised models that learn normal behaviors and flag deviations as potential anomalies. Platforms like OpenText’s ArcSight Intelligence use various models to proactively detect threats by analyzing different behavioral patterns within an organization.
There are several factors to consider when training AI models for threat detection.
* Transparency and traceability: The Predictions from the models need to be backed with evidence or explanations to help threat hunters understand and trust their decisions and take effective action.
* Adaptability: As users’ and systems' behaviors evolve, the models must adjust to the new patterns without losing accuracy.
* Scalability: AI models must handle vast and growing cybersecurity data efficiently.
* Relevance: Statistical anomalies may not always be significant from a security perspective. Understanding and distinguishing these anomalies helps reduce false positives and ensures that the model's outputs remain relevant and actionable.
The strengths of AI/ML in threat detection include their ability to identify unknown threats by detecting deviations from normal behavior patterns. This makes them more effective against sophisticated attacks that evade traditional methods. These models are also easier to maintain as they adapt to changing data without constant human interventions.
However, challenges exist, such as interpreting complex model outputs if the transparency principle is not adhered to. Additionally, limited access to comprehensive threat data complicates the validation of unsupervised models. These models also require sufficient baseline data to make accurate predictions—a process that can take time. Despite these challenges, AI/ML-based threat detection has proven to be a remarkable advancement in cybersecurity, offering state-of-the-art solutions to emerging threats.
Threat hunting using generative AI
Large Language Models (LLMs) are recent advancements in the Generative AI space. They are tools designed to produce human-like text and are widely used for tasks like summarization and developing chatbots. LLMs offer significant potential in cybersecurity, particularly as natural language interfaces between threat hunters and analytics systems.
LLMs for generating threat reports
Rules and AI/ML models speed up threat hunting, but large volumes of alerts can overwhelm threat hunters. LLMs ease this burden by generating reports summarizing the threat landscape and highlighting key anomalies. These summaries help security teams quickly understand critical issues, enhancing efficiency and focus.
LLM-based threat hunting assistant
Beyond generating summaries, LLMs can also serve as natural language interfaces to interact with data in natural language, facilitating pattern discovery, answering queries, and uncovering insights. This intuitive interaction with security data helps teams detect and respond to threats more effectively.
LLMs for code generation
LLMs' code generation capabilities can be utilized for tasks like automatic rules generation. This will allow threat hunters to generate rules from natural language descriptions, making the process of rule configuration more intuitive.
Human insight in threat detection
Despite the availability of advanced threat detection tools, threat hunters’ role remains indispensable due to the critical human insight they bring. The automated tools could enhance the efficiency of threat hunters. Still, human judgment, critical thinking, and the ability to make decisions under pressure are irreplaceable in detecting sophisticated attacks that automated systems might overlook. Moreover, threat hunters are essential in keeping automated systems relevant and effective, whether by defining and updating rules or collaborating with data scientists to refine AI/ML models. Their deep understanding of evolving threats ensures that detection systems remain accurate and responsive in the face of new challenges.
The integrated approach: A robust defense system
Integrating rules, AI/ML models, and Large Language Models (LLMs) can create a more comprehensive and effective threat detection system for threat hunters. Rules are particularly effective at identifying known threats and malware signatures, while AI/ML models excel at detecting unknown threats by capturing deviations across various behavioral dimensions. By layering rules on top of model outputs, the resulting detection system can be less noisy and more accurate than rules applied directly to raw data. Additionally, ML models can incorporate rule violation results as features, enhancing their predictive power. Finally, LLMs can serve as a user-friendly interface, effectively presenting the combined insights from both rules and models to threat hunters, facilitating more accurate and actionable threat analysis. Human threat hunters are indispensable for their unique insights and decision-making abilities, complementing automated tools to detect complex attacks. They help to ensure that detection systems stay up-to-date and effective against evolving threats.
Learn more about OpenText Cybersecurity
Ready to enable your threat hunting team with products, services, and training to protect your most valuable and sensitive information? Check out our cybersecurity portfolio for a modern portfolio of complementary security solutions that offer threat hunters and security analysts 360-degree visibility across endpoints and network traffic to proactively identify, triage, and investigate anomalous and malicious behavior.
The post Equipping threat hunters: Advanced analytics and AI part 1 appeared first on OpenText Blogs.
-
Make the Shift to Legal 3.0: The Future is Today. Unleash Your AI Potential
Legal innovation requires a growth mindset: seeking new ways to solve problems and effectively deliver impact, value, and improve outcomes. Technology continues to evolve, giving legal practitioners new opportunities to up their game and leverage innovation to increase efficiency and efficacy. Over the past decade, to keep pace with digital transformation, legal leaders have embraced automation and machine learning to optimize operations and improve business outcomes. However, technology is moving at lightning speed, and keeping pace is no longer good enough in a Legal 3.0 world.
What is Legal 3.0 you say? What does that mean? In our recent co-branded white paper with Corporate Counsel Business Journal, we discuss how we are on the brink of this new paradigm, necessitating a fundamental shift in how legal teams deliver advice and services – getting to critical facts faster and improving case strategy. We explore the unique challenges posed by the Legal 3.0 world, and what legal leaders need to do to successfully navigate this transition.
This blog goes a bit further. It provides modern legal practitioners with three actionable tips and tricks to maximize the benefits of legal technology, gain greater control over data, and prepare for the AI-driven future that is Legal 3.0.
Become a tech-savvy attorney
In Legal 3.0, lawyers need to focus on a different way to interact with technology to achieve speed, accuracy and maximum return on investment. Now, more than ever, legal practitioners must demonstrate a mastery of technology. In the context of generative AI (GenAI), they will need to fine tune results and responses they expect from prompts and learn to ask questions in a way that increases speed to facts. As lawyers increasingly interact with GenAI, they will need to develop the skills to ensure they can use prompts effectively to maximize the value of the technology. They can let the machine take a first cut at issues and then apply legal reasoning and refinement to drive case or investigative strategy. They must also learn of the risks and issues with AI and how to detect and defend when it is being used. While the thought of mastering new legal tech GenAI technology may seem overwhelming, with the proper tools at your disposal the journey to Legal 3.0 can be simpler than it sounds.
Develop critical technical partners
According to a recent survey, 72 percent of general counsel stated that CIOs play a critical or important role in delivering on departmental innovation strategy. Achieving desired departmental goals starts with developing critical partnerships with a variety of technical experts. With many rules, laws, and procedures in place requiring attorneys (both outside and in-house counsel) to demonstrate a duty of technological competency, they find this particularly critical to keep up with skills required to address issues or that involve the actual handling and use of electronic data and information systems. If they lack the skill, it is sufficient to consult with experts to assist with leveraging technology to test, adopt, or deliver legal services. This includes data scientists and IT leaders that have a greater mastery of AI standards, applications, and risks associated with managing and using data. And if those roles do not yet exist, steps should be taken to bring in those resources permanently or in a consultative capacity.
AI-readiness is a process
By investing in AI-driven solutions and fostering a culture of innovation, lawyers and their teams can position themselves as the leaders of Legal 3.0. They need to take the appropriate steps to investigate the impact of AI, particularly GenAI technologies, and the benefits associated with cost reduction and productivity gains. Failure will be largely attributed to insufficient testing and validation. Those ready to enter this new world are spending a great deal of upfront time testing AI in real-world scenarios to assess its benefit and reliability for production and investigation reviews. This includes exploring the potential of GenAI and its relevance or initiating pilot projects to validate its effectiveness in specific areas if those innovators have not done so already.
Conclusion
AI, advanced analytics, automation, and integration are necessities, not luxuries. Speed to facts is becoming the norm and managing risk should always be proactive, not reactive. Embracing this new era will require a commitment to continuous learning, innovation, and a willingness to adopt and integrate cutting-edge technologies into everyday legal practice. By doing so, legal teams can not only keep pace with evolution but also lead the way in delivering superior legal services in a rapidly changing world.
Prepare for an AI driven future, download the whitepaper: “Journey to a Legal 3.0 world”
How OpenText can help
OpenText empowers legal departments to embrace this new era with confidence, enabling them to thrive in a fast-paced, data-driven environment – delivering outcomes with Legal AI tools.
We are committed to helping our customers on their journey to Legal 3.0, where handling data of any type, at any speed, and from anywhere is essential. Our Legal Tech Aviator – the AI central nervous system of our Smart Legal Platform –offers a competitive GenAI edge. This comprehensive approach to data analytics leverages the power of Large Language Models (LLMs) for crucial legal applications such as eDiscovery. With Aviator, legal teams can quickly unlock insights and make smarter decisions, regardless of data volume, source, or format. By harnessing the power of data with an all-in-one solution for AI-driven insights, productivity, and risk management, legal teams can elevate their potential and fuel business and legal decision-making for better outcomes.
The post Make the Shift to Legal 3.0: The Future is Today. Unleash Your AI Potential appeared first on OpenText Blogs.
-
Empower business users to spin up apps with AI-assisted development
Low-code development is often overlooked as a mainstream business tool. Misconceptions about technical requirements, governance and scalability cause organizations to hesitate to put development into the hands of business users—missing the efficiency gains that follow.
But the tides are changing, and low-code development is ready for prime time.
Gartner® predicts that by 2026, developers outside of formal IT departments will account for 80 percent of the user base for low-code development tools, up from 60% in 2021, due to multitudes of citizen development, and executive-sponsored democratization initiatives with generative AI accelerating this shift.[1]
And the move is already underway, with business developers spinning up new apps with record speed, ease and reach. Let’s look at how organizations can empower business users with AI-led development, optimizing business processes to meet market and customer demands without risk.
Answering the CEOs call with confidence
The push for low-code adoption is coming from the top-down, with 67 percent of CEOs wanting more technology work done directly by business functions.[2] As a result, IT is under pressure to democratize application delivery, but worries about weak governance and security gaps remain. Gartner suggests resisting the impulse to play IT gatekeeper, as blocking low-code initiatives only hurts productivity, slows app delivery and leads employees to turn to shadow IT.
Yet, with only 24 percent of citizen developers today creating automation with low-code tools[3], how can organizations answer CEOs’ calls for widespread enterprise citizen development?
The answer: a well-governed, AI-led low-code platform to enable business developers and democratize low-code development across the organization. This is made possible by delivering on three key fronts:
1. No developer experience, no problem
According to Forrester, “Development is becoming a skill spectrum, not just a job, and enterprises must apply technology [i.e., a low-code platform] that directly enables and supports the pattern.”[4]
With an AI-led development platform, such as OpenText™ AppWorks™, business users turn into business developers in an instant, able to meet the organization’s need for basic apps. No extensive AppWorks experience required, users can generate apps to automate processes using Developer Aviator, the AI-powered development feature. Solution builders can leverage Developer Aviator by customizing ready-made templates available for standard business processes, entering simple text instructions or importing the Excel file of a process previously tracked by a spreadsheet. Users can subsequently leverage low-code tools to configure the generated apps.
2. Eliminate dependency on pro developers and IT
According to a 451 Research, part of S&P Global Market Intelligence, custom study, process automation/workflow development is one of the top three use cases for genAI.[5] With a low-code development platform powered by GenAI, organizations can bridge the skills gap and empower business users to generate a variety of process automation apps, augmenting and automating process app creation. Plus, by simplifying and expediting creation of basic applications, organizations can increase business agility without taxing developer resources. Solution builders can share their basic applications with professional developers to add custom code and scale solutions to meet business requirements.
3. Focus on governance
When lowering the barrier to app development, governance becomes more important than ever to avoid the sprawl of apps. Yet Forrester found that vendors often don’t inform customers of available governance features.[6]
OpenText AppWorks allows organizations to embrace low-code development with confidence, safely putting app creation in the hands of business users. We enable companies to take advantage of role-based access control to grant different levels of capability and access to different types of developers, as well as separating configurations and data by teams and department to segment who can do what and where. If needed, IT can be involved in the promotion of applications between a developer environment and the production system to allow more control over the allocation of production resources.
Plus, usage reports allow an administrator to monitor how many applications are being deployed and which users are assigned to each application, and a dedicated administration module helps manage deployed applications, disabling and deleting as desired.
Put low-code development misconceptions to rest
Bringing together governance and AI-led development allows organizations to democratize automation and app development, turning low-code into a mainstream business tool. Using GenAI to simplify and streamline app creation turns employees into confident business developers and delivers the following benefits:
* Speed: Expedite time to value
* Savings: Lower total cost of development and technical debt
* Supercharged efficiency: Generate easy-to-deploy process automation and other applications within a single, easy-to-use platform
* Agility: Increase agility by democratizing process automation development for an improved customer experience
Ready for app development to take flight across your organization?
See for yourself how AppWorks Developer Aviator delivers an intuitive and powerful user experience to make productivity and efficiency soar.
The post Empower business users to spin up apps with AI-assisted development appeared first on OpenText Blogs.
-
Digital twins reimagined at scale for energy and resources
As a global society we rely on machines so much that it’s easy to take them for granted.
We rely on machines to ensure water comes out of our faucets, heat our homes and businesses, fill our cars with petrol or electricity, construct and maintain roads, transport people and goods, provide medical images, and manufacturing more machines. Businesses and consumers rely on machines so much that exponentially more will be built, and their designs and operational performance will need to last longer without compromising safety. There is plenty of data available to help make this happen as “machines now generate one million times more information in one day than all humans on this planet do in an entire year.”1
The ratio between man and machine
All industries use machines, yet the energy and resources sector including utilities, oil and gas, chemicals, and metals & mining industries is the most capital intensive.
In this sector, the ratio of gross plant, property, and equipment (aka. ‘machines’) published in any asset owner’s annual report compared to the number of employees (aka. ‘man’) on average is $2,000,000 of gross PP&E per employee. In comparison, all other industries average $200,000 of gross PP&E per employee. A difference in magnitude of 10x.
The ratio between ‘man & machine’ will continue to rise for all industries and especially across energy and resources sector because of the vast amount capital investment in new machines. Capital expenditures for the energy industry alone is estimated to grow 49% over the five-year period from 2021-2025 compared with the previous five years.2 Taking a much longer view, $3.5 trillion of annual capital investment is made in the energy industry today and by some estimates will grow to $9.2 trillion by 2050.3
Digital twins will play an increasing role in improving operational efficiency and safety
Humans require machines. And machines require humans. I’m passionate about this relationship having been spent a decade of my career in field services (the human side of the equation) in the energy sector and another decade in industrial process instrumentation (the machine side of the equation).
Having entered the software industry five years ago with a majority of that time with OpenText, it opened my eyes to the important role software and more specifically the information management software domain plays in connecting man and machine. Just as both humans and machines need to be managed to achieve their highest performance, so does the information that is generated or used by either one of them. The better that information is managed, the digital representation of the machine (or digital twin) and the workflows that directly support their operational performance will be more trusted, autonomous, and secured. Moreover, adding in the power of AI and LLMs, the value of digital twins can be maximized to confidently predict and safely act on machine performance.
Digital twins of assets, equipment, and supporting workflows will play an increasing role in helping improve operational efficiency, reduce costs, minimize risks, and predict machine failures before they occur. McKinsey & Co estimates that the global market for digital twin technologies are forecasted to grow at 60% annually over the next five years reaching $73.5 billion by 2027.4
Information reimagined, or in this case digital twins reimagined, is to extract the most potential out of both man and machine with i) trusted information with governance over large data sets ii) next generation autonomous cloud – utilizing software to safely automate mundane tasks and minimize human errors iii) AI and security everywhere – at scale, with enterprise strength. Creating digital twins at scale will be needed to safely manage substantially more machines per employee in the years to come.
Digital twins reimagined with information management
It’s often misconceived that a digital twin of a machine is simply a function of its real-time sensor streams and a predictive model that learns what good, bad, and cautionary performance looks. While a digital twin certainly should incorporate real-time measurements of its performance, there are many more aspects to creating a true digital representation of a machine.
Financial systems of record such as ERP contain the information to create a digital twin of the machine’s financial record over time. Asset maintenance systems of records such as EAM contain the information to create a digital twin of the machine’s maintenance record over time. GIS applications contain the information to create a digital twin of the machine’s geospatial record over time. These examples of digital twin characteristics are very important to creating digital twins, yet still contain information gaps to create digital twins at scale that are trusted, autonomous, and secure. These software applications are designed and specialize in structured data (organized in rows, columns, and tabs) within their respective domains and act as vertical threads of a digital fabric representing a digital twin.
Every fabric has horizontal threads and is true for digital fabrics as well. Below, are seven information management components that act as horizontal threads across a digital fabric and create a trusted, autonomous, and secure digital twin of a machine across its lifecycle at scale.
Knowledge reimagined
* Content: Equipment manuals, product data sheets, safety manuals, work orders, installation images, etc.
* GenAI: Intelligent assistant to quickly find answers to questions contained in asset documentation.
Connections reimagined
* Business Network: Secure sharing of machine sensor and EDI information between owner, manufacturer, and field service providers to automate supply chains and predict failures.
* GenAI: Virtual advisor to quickly access when spare parts, replacements, or service will arrive or surface any other information about the vendor transactions that impact a machine.
Decisions reimagined
* AI & Analytics: Enrich asset documentation, analyze asset imagery for hazardous conditions, and big data-analytics on machine performance.
* GenAI: Predictive machine analytics at scale.
Conversations reimagined
* Experience: Elevate the discussions around assets via drone videos, technical support call quality management, crowd sourced information for distributed assets, and more.
* GenAI: Create tailored content to inform machine owners on recommended service to meet SLAs.
CloudOps reimagined
* ITOps: Service management and network operations management to speed up device monitoring, configuration, and resolution time.
* GenAI: Virtual agent for quick issue resolution leveraging knowledge from service tickets on similar devices.
Security reimagined
* Cybersecurity: Defend against the most sophisticated cyberattacks on energy & resource infrastructure.
* GenAI: Behavioral based cyber threat hunting and detection.
DevOps reimagined
* DevOps: Streamline the deployment of software that enhances digital twin creation and representation of an asset.
* GenAI: Faster application delivery, development, and automated software testing to improve the quality, reliability, and scaling of your digital twins.
Are you ready to take action?
Learn more about OpenText solutions for Utilities, Chemicals, Oil and Gas, Metals and Mining and Engineering, Procurement and Construction that can help you work smarter.
------------
1Versant: Decoding the OpenVerseTM, Mark Barrenechea
2S&P Global, Upstream capital expenditures outpace cleantech, but for how long?
3McKinsey & Co, Capital projects are critical for a green future.
4McKinsey & Co, What is digital-twin technology?
The post Digital twins reimagined at scale for energy and resources appeared first on OpenText Blogs.
-
DevSecOps: It’s Time to Level Up (with a Little Help from AI)
Ever feel like the software world is spinning faster than a fidget spinner in overdrive? Security threats are evolving at warp speed, and keeping up feels like trying to catch a greased piglet.
But hey, don't stress. DevSecOps is already your secret weapon, baking security into every line of code. Now, imagine adding AI to the mix. It's like upgrading your skateboard to a hoverboard.
Welcome to the OpenText DevSecOps Virtual Summit
On Sept 24, we're not just talking about the future – we're building it. We're diving into how AI is turbocharging DevSecOps, making it faster, smarter, and more secure.
Here's the lowdown:
* Keynote: Rita Jackson and Alan Shimel will drop some serious knowledge on how OpenText's AI-powered tools are turning the DevSecOps game on its head. Think seamless collaboration, intelligent automation, and proactive security. It's like having a superhero team protecting your code.
* Breakout Sessions:
* Level Up Your DevSecOps Game: When it comes to software development, security can't be an afterthought. Join John Falk as he dives into the crucial role of DevSecOps in delivering top-notch, secure products. Learn how to integrate security practices from day one, so you can squash vulnerabilities, stay compliant, and streamline your development process.
* AI: Friend or Foe? (Spoiler: It's Both): AI is awesome, but let's be real, it comes with its own set of security challenges. Kelly Gundler will guide you through the risks of AI deployments, from sneaky attacks to data privacy nightmares. Discover how to protect your AI models and data while still pushing the boundaries of innovation.
* Cloud Migration: Mythbusting 101: Thinking about moving to the cloud but worried about security? Gordon Fitzsimmons is here to debunk the myths and show you how to migrate smoothly and securely. No more fear of the unknown, just practical strategies for a successful cloud journey.
* Fireside Chat: Industry legends Alan Shimel and John Willis will be sharing their unfiltered thoughts on the future of DevSecOps and AI. Consider this your exclusive backstage pass to the tech revolution.
* Panel Discussion: Get ready for some real talk as experts tackle the challenges you face every day and reveal the innovative solutions that are changing the game.
Who's this for?
* Developers who want to code faster and safer.
* Security pros who are tired of playing catch-up.
* IT Ops teams who want to streamline their workflow.
* Basically, anyone who wants to stay ahead of the curve and build a better digital future.
Ready to level up your DevSecOps game?
Register now and let's shape the future of software together.
The post DevSecOps: It’s Time to Level Up (with a Little Help from AI) appeared first on OpenText Blogs.
-
Dobeles dzirnavnieks finds the perfect recipe for growth success
At Dobeles dzirnavnieks, we provide flour, pasta, cereal flakes and many more food products to millions of consumers across more than 70 countries. Based in Latvia, we operate production facilities that cover over 21 hectares.
Dobeles dzirnavnieks is already the largest pasta producer in Northern Europe—and we continue to grow. Driving one of the largest food production businesses in Baltics is no simple task. As well as satisfying a wide range of stringent regulatory requirements, we must demonstrate that we are adhering to best practices during regular audits. At the same time, we need to orchestrate a complex set of supply chain and logistics processes to ensure that we can keep our production lines moving smoothly day after day.
Heading for an efficiency crunch
In the past, we relied on paper to support our operations. But, as the business continued to grow, it was becoming more and more difficult to maintain high levels of operational efficiency using manual processes.
For example, we had regular audits that required several full-time employees to sift through our records and find the required documents - financial audits, quality and certification audits, and those organized by clients. Regulatory requirements are evolving and tightening all the time, and we knew that preparing for audits was only going to become more complex and time-consuming in the future.
Another big challenge was our accounts payable (AP) process. Previously, our AP team spent a significant amount of their time chasing up management teams for paper invoice approvals. Once an invoice was approved, the AP team spent more time still re-keying the data into our ERP system.
As we put more investment into company operations and business growth, we realized we needed a new approach–manual processes required a significant increase in headcount.
Searching for a new approach
We launched a comprehensive digital transformation initiative. Our goals were ambitious: implement a brand-new ERP, business intelligence suite and warehouse management system, all at the same time. Replacing our paper processes was a key property, so we also aimed to deploy a content management platform.
As soon as we started exploring the capabilities of OpenText™ Extended ECM, we realized we had found the ideal solution. With security and data governance built in, we were confident that the OpenText solution satisfied all our core requirements. Crucially, OpenText content management offers powerful workflow capabilities—enabling us to build new digital processes around our content.
Selecting a trusted partner
To deploy OpenText content management, we worked with our trusted technology partner, Digital Mind. Working with Digital Mind was an excellent experience from start to finish. The team helped us to map out our existing paper processes and plan how best to bring them into the OpenText solution. Digital Mind was always challenging us with new ways of thinking about our processes and technology, and we knew we could count on their support and guidance whenever we needed it.
Thanks to our partnership with Digital Mind, we now have a central, secure platform to process and store digital documents—including invoices, supplier contracts, external correspondence, and many others. This content is easily accessible and searchable, which means there’s no need for our people to trawl through paper records to find information.
Boosting efficiency with digital workflows
One of the biggest benefits of the OpenText content management platform is that it allows us to work much more efficiently than before—for example, we are saving 3.5 full-time equivalents in AP alone. As a result, we will be able to grow our business without significantly increasing our back-office headcount.
Our transformation is also helping us to improve our environmental sustainability. Today, 73% of our supplier contracts, 88% of our correspondence and 100% of our quality management documents are digital. Overall, we’ve cut our paper consumption by 80%, which saves the equivalent of 65 kg of paper every year.
Through our work with Digital Mind and OpenText, we are able to do more with the same resources. We’re by no means finished with our digital transformation project; we plan to keep working with Digital Mind to bring more of our paper processes into OpenText.
To learn more about how OpenText content management is helping us to facilitate business growth, read our case study.
The post Dobeles dzirnavnieks finds the perfect recipe for growth success appeared first on OpenText Blogs.
-
OpenText Named a Leader in the IDC MarketScape for Intelligent Content Services
Every organization must be prepared for the next era of productivity in which knowledge work is fueled by automation and AI. But while you may be feeling pressured to get started and secure some quick wins to drive growth and differentiation, the best GenAI experiences must be built on top of quality data and a great enterprise content management strategy to realize GenAI’s full potential and value.
We are pleased to announce that OpenText™ has been named a Leader in the IDC MarketScape: Worldwide Intelligent Content Services 2024 Vendor Assessment (doc #US51467323, September 2024). We believe this recognition is a testament to OpenText’s history as an industry pioneer in enterprise content management and innovator of disruptive AI solutions. OpenText is recognized for its integration approach that puts “content in context,” information governance capabilities that enable automated, defensible governance across the content lifecycle, and industry and LOB applications that enhance utility for users, including purpose-built solutions for highly regulated industries.
“Generative AI is setting the stage for a new era in content services, offering unprecedented ways to interact with unstructured data,” Holly Muscolino, Group Vice President, Workplace Solutions at IDC.
Amy Machado, Senior Research Manager, Content and Knowledge Management Strategies at IDC. added, “Intelligent content services are transforming static documents into dynamic business resources, driving operational efficiency and innovation with automation and AI.”
According to the IDC MarketScape report, “Organizations should consider OpenText for its strong content governance, records management, and workflow capabilities. Content Cloud solutions manage the life cycle, distribution, use, and analysis of information across the organization. With tight integrations to SAP, Teams, Salesforce, and a long list of industry and LOB solutions, OpenText provides value to a wide array of use cases, especially for large enterprise customers and highly regulated industries.”
OpenText™ Content Cloud is a suite of AI-ready enterprise content management solutions, from capture and automation to governance and archiving, that helps organizations use intelligent content to reimagine knowledge.
The post OpenText Named a Leader in the IDC MarketScape for Intelligent Content Services appeared first on OpenText Blogs.
-
FedRAMP® Authorized: OpenText Solutions Help Government Agencies Achieve Mission-Critical Objectives
Public sector agencies across federal, state, and local governments want to deliver reliable and secure services to their employees, contractors, citizens, and other fellow agencies. Because such agencies may be the target from multiple threat actors and have access to sensitive data, they have stringent security requirements. To that end, the US government implemented the Federal Risk and Authorization Management Program (FedRAMP®) to help assure cloud services and products being used by federal agencies are secure. Following the federal government’s leadership, many state and local governments have also implemented similar regulations and requirements, most of which are met when a cloud service or product achieves FedRAMP Authorization.
What is FedRAMP?
The Federal Risk and Authorization Management Program (FedRAMP®) is a government-wide program that standardizes the security assessment, authorization, and continuous monitoring of cloud products and services used by federal agencies. FedRAMP authorization provides assurance to federal agencies that the cloud services they use meet hundreds of security standards, thereby helping to protect sensitive government data from cyber threats and unauthorized access.
Why is FedRAMP authorization important?
Cloud Service Offerings (CSO) that achieve FedRAMP authorization can be implemented by government agencies with confidence. FedRAMP authorization offers several benefits for government agencies:
* Enhanced Security: FedRAMP ensures that cloud services meet stringent security standards, protecting sensitive government data from cyber threats and unauthorized access.
* Streamlined Procurement: FedRAMP authorization streamlines the process of procuring cloud services by providing a standardized framework for security assessment and authorization, reducing duplication of efforts and saving time and resources.
* Cost Savings: By leveraging FedRAMP-authorized cloud services, government agencies can realize cost savings through reduced infrastructure and maintenance costs, as well as by avoiding the need for individual security assessments.
* Facilitate Collaboration: By adhering to common security standards, FedRAMP promotes interoperability among government agencies and facilitates seamless data sharing and collaboration. This enhances efficiency, communication, and decision-making across different departments and agencies.
* Compliance Assurance: FedRAMP authorization provides assurance that cloud services comply with federal security and privacy regulations, helping government agencies meet their legal and regulatory obligations.
OpenText™, the leader in information management, is one of the few companies that offers a wide range of FedRAMP authorized cloud services and products to meet the diverse information management needs of federal, state, and local government agencies. From delivering reliable services to managing assets, from knowing what’s in your IT environment and how it is configured to managing projects to completion, from securely developing applications to delivering safe websites, and from securely storing content and documents to delivering engaging citizens and employee experiences, OpenText has a FedRAMP authorized solution. Here is a quick overview of all the OpenText solutions currently authorized.
IT Management Platform
OpenText provides the most complete and integrated Information Management platform, allowing companies to organize, integrate and protect data and content as it flows through business processes inside and outside the organization. The OpenText IT Management Platform (ITMX) available in the FedRAMP Marketplace offers Service & Asset Management (ITSM, ITAM), Universal Discovery & CMDB, and Project & Portfolio Management (PPM) in AWS GovCloud.
IT Service Management (ITSM) – Empower users with a modern self-service experience and boost IT efficiency with codeless configurations, built-in AI, and advanced automation with Service Management Automation X (SMAX).
* Deliver modern IT services: Take productivity and service experiences to new heights with codeless configs, ITIL best-practice templates, and AI-powered work options.
* Extend services beyond IT: Apply ITSM principles and capabilities to business functions like HR, R&D, facilities, finance, and marketing.
* Built-in AI and automation: Accelerate incident resolution, problem identification, and change management with fast CI detection and advanced analytics.
IT Asset Management (ITAM) – Govern your IT assets across their lifecycles. Procurement, financial, vendor, and contract management processes are included in one centralized platform with Asset Management X (AMX).
* Manage assets end to end: Oversee all aspects of your hardware assets by combining contract, financial, and carbon footprint information in a single tool.
* Deliver greater asset value on budget: Streamline management of your hardware assets across their lifecycle—reducing costs, optimizing ROI, and making better decisions about budget spend.
* Simplify procurement complexity: Create vendor catalogs for approved purchase options and easily enter received assets into inventory or track against service tickets.
Discovery and CMDB – Discover, map, and manage your hybrid IT configurations—on cloud or off. Service dependency mapping and proactive impact analysis improve your IT visibility and reduce service disruptions with Universal Discovery and CMDB.
* Achieve true IT visibility: Get a clear understanding of the all the hardware and software running in your complex IT environment and how it is configured.
* Understand service delivery: Knowing how your infrastructure delivers business critical applications and services is a must for effective change and configuration management.
* Improve change metrics: Change is constant in IT, but before you or a service agent makes one, you should see how it’s going to affect your service delivery.
Project and Portfolio Management (PPM) – Drive agency value through comprehensive strategic portfolio management and investment optimization, while ensuring projects are on time, in budget and satisfy goals. A strong workflow engine and what-if analysis scenario planning power this strategic portfolio and project management tool.
* Strategically manage your portfolio: Monitor with smart KPIs and take advantage of what-if-scenarios to determine the right mix of deliverables versus investments.
* Embrace agency Agile: PPM integrates with the most popular Agile tools, including ALM Octane, Agile Manager, CA Rally, Jira, VersionOne, and more.
* Accelerate project delivery: Plan projects and set up workflows to gather approvals and track project status.
Fortify on Demand
OpenText Fortify on Demand (FoD) for US Public Sector, available in the FedRAMP Marketplace, performs security assessments of application code and web site/web services testing without any software to install or manage. Static Code Scanning of code such as Java, .NET and other major programming languages for security defects are performed in the FoD System at the code layer followed by an audit review by an OpenText Fortify Static auditor. Dynamic Web Site and Web Services testing use OpenText Fortify's WebInspect software as the scan engine, followed by a review from an OpenText Fortify Dynamic tester.
* Enable comprehensive security testing: Leverage a wide range of security testing techniques, including SAST, DAST, and MAST.
* Scale to any AppSec need: Manage a few applications or thousands with a solution that can scale to meet any needs, regardless of the agency’s or entity’s size.
* Detect the latest vulnerabilities: Regularly update rule packs with the latest vulnerabilities to ensure scan results are audited and false positives are removed.
Cloud for Government
Available on the FedRAMP Marketplace, OpenText Cloud for Government is a secure, scalable, cloud environment designed for the unique requirements of FedRAMP compliance. US federal agencies and entities requiring FedRAMP certification can use OpenText Cloud for Government to enable their digital transformation and cloud first initiatives as they move Information Management workloads to the cloud. The following OpenText applications are delivered as a service designed with a FedRAMP moderate level security control framework:
Content Management for Government – These tools allow agencies to manage public sector records with compliant government document management. Content Management for Government links the digital workplace and applications that power ERP, HCM, BPM and CRM agency processes to drive operational excellence and govern unstructured content.
* Eliminate paper: Digitize record keeping and processes with eFile and eCase electronic record keeping and case management for a modern, digital administration.
* Strengthen compliance and consistency: Adhere to governmental guidance and standards for electronic record keeping with a defined file plan aligned to DoD certified records management.
* Improve process efficiency and speed: Streamline content related processes and collaboration within and across agencies for more back-office efficiency and better citizen service.
Process Automation for Government - Low-code development platform for building engaging process automation and dynamic case management applications. Fully integrated with Content Management for Government, Process Automation for Government helps re-engineer agency processes around citizen, employee, contractor, and fellow agency needs to deliver seamless digital experiences and adapt to changing expectations while improving efficiency and managing risk.
* Speed application development: Create applications quickly and at a lower cost with low-code, drag-and-drop modeling, reusable building blocks and accelerators.
* Deliver streamlined, intuitive user experiences: Successfully deliver a dynamic, relevant customer experience with smart, content-rich applications designed for modern work.
* Integrate enterprise information: Seamlessly connect and orchestrate information flows across lead applications and other systems from within business applications.
Without a doubt, OpenText can help government agencies and entities achieve their mission-critical objectives while being responsible stewards of their budgets. These FedRAMP authorized solutions, along with our other public sector solutions, are helping government agencies across the globe deliver better information management and experiences to their citizens, employees, and contractors!
The post FedRAMP® Authorized: OpenText Solutions Help Government Agencies Achieve Mission-Critical Objectives appeared first on OpenText Blogs.
-
Accelerate your work with Smart Assistant in OpenText DevOps Aviator
OpenText DevOps Aviator is a game-changer for software delivery professionals. It's designed to tackle the industry's pressing challenges, such as talent shortages and the need for speed in alignment with business strategies.
With its cutting-edge Al and LLM technologies, DevOps Aviator provides a seamless, Al-guided experience that accelerates work and automates testing. This means faster delivery, less repetitive work, and the elimination of outdated tools that hinder productivity. It's a significant step forward in elevating the developer experience and optimizing the delivery process.
Smart AI-assisted chat experience
Leveraging the latest advances and innovations in LLM technology, DevOps Aviator empowers you to translate complex information into plain English. Its AI-assisted chat agent, called “Smart Assistant”, enables you to get results rapidly through a simple conversational interface.
You can use Smart Assistant’s chat interface to request information and get simple, concise responses in a user-friendly language. This lets you interact with AI to get quick answers about features, defects, tasks, and tests to gain insight and accelerate your work.
For convenience, sample quick-response buttons are at your disposal to guide you along the way.
Smart Assistant’s interactive chat experience also opens up the possibilities to
* Level up productivity and efficiency across the entire value delivery flow.
* Make better decisions to ensure you find relevant information.
* Get answers whenever you need—24 hours a day, 7 days a week.
Intelligent assistance for everyone
Smart Assistant in OpenText DevOps Aviator supports diverse use cases, from user story breakdowns, to feature summaries, concise summaries of user comments, analysis of root causes, and more.
The breadth and depth of possibilities are available for practically everyone on the team, which includes
* Product Owners
* Software Developers
* QA Testers
* Tech Writers
* Marketing Specialists
Smart Assistant for Product Owners
Product Owners can level-set expectations for stakeholders and efficiently communicate their needs to developers. They can also
* Generate a quick summary of features.
* Get suggestions about additional functionality of a feature that should be added to its description.
* Ask AI to show elements that can improve a feature's description.
* Summarize previous comments and related issues.
* Rephrase the name and description in a user-oriented way.
Smart Assistant for Software Developers
Smart Assistant enables developers to save time and accelerate work. It allows them to
* Generate a breakdown of suggested tasks.
* Analyze root causes and impacted areas.
* Get a breakdown of suggested user stories for a feature.
* Summarize previous comments and related issues.
Smart Assistant for QA Testers
QA Testers can use Smart Assistant’s powerful AI-assisted chat agent to perform actions similar to software developers, as well as to optimize their testing efforts. For example, Smart Assistant enables them to
* Quickly see the status of a test.
* Find and merge existing tests easily.
* Generate a breakdown of suggested tasks.
* Analyze root causes and impacted areas.
* Get a breakdown of suggested user stories for a feature.
* Summarize previous comments and related issues.
Smart Assistant for Tech Writers
Tech Writers can instantly generate comprehensive user guides for feature specifications. With intuitive understanding of the functionalities, Smart Assistant creates on-the-fly and easy-to-follow documentation, saving valuable time for your documentation team.
Smart Assistant for Marketing Specialist
Smart Assistant enables Marketing Specialists to generate quick feature summaries to leverage user-facing content and assets.
Reimagine engineering with DevOps Aviator
DevOps Aviator saves time and delivers high-quality software while leaving risks and setbacks behind. No matter your level of expertise, its cutting-edge generative AI capabilities and next-generation LLM can reduce the burden on software development and testing.
Take productivity to new heights with DevOps Aviator to
* Level up efficiency across the entire value delivery flow.
* Accelerate decision-making with fast, actionable insights.
* Reduce productivity from days to minutes.
* Empower developers and testers with value generating work.
Learn more about OpenText DevOps Aviator.
The post Accelerate your work with Smart Assistant in OpenText DevOps Aviator appeared first on OpenText Blogs.
-
The future of threat hunting
In the near future, we'll face a cyber landscape transformed by artificial intelligence. Attacks will become exponentially more sophisticated, evasive, and pervasive. Threat actors will leverage AI to craft highly customized assaults, meticulously covering their tracks. These dynamic threats will operate at an unprecedented scale, driven by the same AI technologies revolutionizing industries across the board.
This is the 10th post in our ongoing “The Rise of the Threat Hunter” blog series. To learn more about the series check out the introduction here or read last week’s post “Building a threat hunting team.”
Adapting to the AI-driven threat landscape
As cyber threat hunters, we must harness the very technologies being weaponized against us. The key lies in empowering our threat hunting teams with AI-enhanced tools that can adapt, inform, and respond in real-time.
AI excels at analyzing vast datasets, identifying subtle patterns, and flagging anomalies. However, its effectiveness hinges on the quality of its training data. While AI has proven invaluable for content generation and analysis based on existing information, it still lacks the ability to formulate truly novel ideas. This is where human creativity becomes our greatest asset in cyber threat intelligence.
The human-machine synergy in threat detection
To effectively counter emerging threats, we need to capitalize on the synergy between human intuition and machine learning. Modern threat hunting tools must not only identify and mitigate known risks automatically but also provide a framework for threat hunters to identify new, previously unseen threats. Crucially, these platforms should enable threat intelligence analysts to "teach" the AI about newly discovered threats, enhancing future detection and response capabilities.
This human-machine feedback loop forms the cornerstone of a next-generation threat intelligence platform—one that becomes more robust and effective with each use. In his book, "Antifragile: Things That Gain from Disorder," Nassim Taleb describes systems that not only withstand stress but improve in response to it as "antifragile." In an era where cyber threats evolve at breakneck speed, only an antifragile threat platform can keep pace.
Antifragility in threat hunting: Building adaptive defense
How might we express antifragility in a threat hunting platform? Consider cyber attacks as narratives—each with main characters, supporting actors, and a sequence of events that unfold to tell a story. By identifying and codifying these key elements and their progression, we can scrutinize incoming data for signs of similar attack patterns.
When our system detects a strong correlation between observed behaviors and predicted patterns, it can automatically initiate previously successful mitigation strategies. However, the true power of an antifragile system lies in its ability to adapt to the unknown.
Sometimes, a skilled threat hunter might notice anomalies in the data that don't fit known attack profiles but warrant further investigation. An advanced threat intelligence platform should empower these analysts to collect related alerts and anomalies, weaving them into a coherent narrative. This process allows threat hunters to construct "attack stories" based on their observations and expertise.
These newly crafted attack narratives serve a dual purpose. First, they teach the AI about emerging threat types, expanding its knowledge base. Second, they enhance the system's ability to detect and thwart similar attacks in the future. This continuous learning loop—where human insight feeds machine intelligence, which in turn augments human capabilities—is the essence of an antifragile threat hunting ecosystem.
The future of threat hunting
As we look ahead, the role of the threat hunter will evolve. Rather than being replaced by AI, skilled professionals will become even more critical. They'll guide AI systems, interpret complex threat landscapes, and make the crucial decisions that machines cannot.
The threat hunting tools of tomorrow will act as force multipliers, enabling analysts to cover more ground and delve deeper into potential threats. They'll automate routine tasks, freeing up human experts to focus on strategic analysis and proactive threat hunting.
Conclusion
The future of threat hunting lies in the seamless integration of human expertise and AI capabilities. By embracing this symbiotic relationship, organizations can build resilient, adaptive defense systems capable of countering even the most sophisticated AI-driven threats.
Learn More about OpenText Cybersecurity
Ready to enable your threat hunting team with products, services, and training to protect your most valuable and sensitive information? Check out our cybersecurity portfolio for a modern portfolio of complementary security solutions that offer threat hunters and security analysts 360-degree visibility across endpoints and network traffic to proactively identify, triage, and investigate anomalous and malicious behavior.
The post The future of threat hunting appeared first on OpenText Blogs.