Druva Enhances DruAI with Autonomous Forensic and Compliance Agents

Cybersecurity Investigations and Compliance Audits

Cybersecurity investigations and compliance audits can be time-consuming and labor-intensive, with IT and security teams often spending days or even weeks collecting and analyzing evidence. To address this challenge, Druva has expanded its DruAI platform with the introduction of Deep Analysis Agents. These autonomous agents automate complex forensic and compliance investigations, providing ready-to-share reports in a matter of minutes.

According to Stephen Manley, CTO at Druva, “IT teams are overwhelmed by the task of collecting and analyzing evidence. This new release enables teams to delegate multi-day investigations to agents that can complete the task in minutes and deliver a final report that can be shared with security, compliance, or operations teams.”

Deep Analysis Agents

The Deep Analysis Agents are built on Druva’s MetaGraph foundation, which connects and contextualizes data in real time. This allows the agents to conduct extended investigations independently and deliver complete reports in minutes. The agents can analyze telemetry, logs, identity data, configurations, and historical signals, breaking complex tasks into manageable steps and coordinating across systems to produce clear, actionable insights.

Example Use Cases

Example use cases for the Deep Analysis Agents include investigating cyber attacks and identifying potential security gaps. For instance, a user can ask the agent to review admin logs for signs of a cyber attack and compare them to a baseline from the previous month, using the MITRE ATT&CK framework as a methodology. Another example is reviewing the audit trail logs of enterprise workloads for ISO/IEC 27001:2022 compliance gaps, focusing on behavioral patterns rather than just activity volume.

New Features

The new Notify Me workflow allows users to trigger a deep analysis and receive a comprehensive report upon completion. DruAI also introduces Agentic Memory, a capability that enables the platform to store, recall, and apply information over time. This allows for personalized intelligence across roles and workflows, with the platform adapting to user preferences and tailoring dashboards, responses, and reports accordingly.

Additionally, DruAI supports multimodal interaction, allowing users to upload screenshots of errors, alerts, configuration pages, or system behavior directly into the console. The platform interprets the image, understands the technical context, and provides guided steps to resolve the issue.

According to Hunter French, Senior Vice President for Impact Services at Goodwill Industries of the Valleys, “This AI tool delivers actionable insight right out of the gate. It analyzes weeks of log data and surfaces findings we can immediately put to work, saving hours of compliance reporting and manual review.”

Conclusion

The introduction of Deep Analysis Agents and Agentic Memory marks a significant advancement in the field of autonomous security operations. By automating complex investigations and providing personalized intelligence, Druva’s DruAI platform is poised to revolutionize the way IT and security teams approach cybersecurity and compliance.


