Hornetsecurity launches AI cyber assistant for Microsoft 365
Hornetsecurity has launched a new AI Cyber Assistant to support its 365 Total Protection Plan 4, featuring tools designed to aid IT security teams and protect Microsoft Teams users from cyber threats.
The new solution includes the Email Security Analyst, which automates the handling of reported suspicious emails, and Teams Protection, which is intended to detect and block malicious messages and impersonation attacks within the Microsoft Teams platform. Hornetsecurity has also confirmed updates to its AI Recipient Validation, aimed at preventing email misdirection and data leaks, now integrated into the 365 Total Protection Plan 4 suite.
The AI Cyber Assistant is designed to ease workloads for security personnel while equipping end users with information to make informed decisions about potential threats. According to Hornetsecurity, the assistant continually evolves by deploying machine learning technology to support both end users and IT teams within their daily operations.
Daniel Hofmann, Chief Executive Officer of Hornetsecurity, said: "To continue enhancing the next-gen security we provide, our new AI-powered Email Security Analyst automates responses to user queries about potential threats, alleviating the workload on SOC and service desk teams, while educating end users on the nature of attacks. IT security personnel benefit by gaining more time to focus on other pressing issues, while end users receive instant feedback, which also encourages them to continue reporting suspicious emails and contribute to the organisation's overall security."
Email response automation
The Email Security Analyst leverages a large language model to provide automated analysis and response to user-reported emails, reducing the manual review burden on Security Operations Centre (SOC) and IT Admin teams. This automation is intended to improve efficiency in handling suspicious emails flagged by users.
As Hofmann explained: "Thanks to growing media attention, end users are becoming more suspicious about incoming emails. While this a welcome and positive development, each email they flag increases the burden on SOC and Service Desk teams to analyse and verify them on a case-by-case basis. Email Security Analyst replaces this traditional manual analysis and significantly reduces the time SOC teams spend on false-positive and negative reports."
Providing AI-driven insights for each reported email, the tool assists in training employees to better discern malicious activity, while guiding them on necessary precautions to help strengthen organisational cybersecurity.
Hofmann stated further: "Organisations have to strengthen their 'human firewall' by empowering employees to become active participants in their organisation's cybersecurity strategy. Cyber-attacks are constantly increasing, so CISOs and security teams need to strategically allocate resources that strengthen organisational security while upskilling end users to cover any blind spots."
Microsoft Teams threat detection
The Teams Protection feature aims to provide continuous monitoring and analysis of messages within Microsoft Teams, identifying and alerting users to potential threats using AI-driven detection methods. The technology analyses URLs and pictures within messages, employing supervised and unsupervised machine learning algorithms as well as computer vision models. These models scan for indicators of phishing such as brand logos, QR codes, and suspect text embedded in images.
Administrators can remove conversations found to contain malicious messages and block compromised users from accessing Teams, helping to manage threats across Microsoft 365 tenants. Hofmann said: "Instant messaging platforms like Microsoft Teams are increasingly used as a main channel of business communications, and yet they tend to be overlooked as a potential attack vector. However, attackers are sending malicious links and malware both through Teams that are open externally and also via compromised internal Teams accounts. We have therefore developed Teams Protection to address this growing cybersecurity threat."
User experience updates
The release also brings a redesigned, multitenant control panel for 365 Total Protection, offering a streamlined interface intended to facilitate easier access to security, backup, and compliance features for Microsoft 365 users. The aim is to make administration more efficient while bringing multiple security functions together in a single platform.
Hornetsecurity reports that it delivers its products and services through a global partner network, with organisations using the platform for a range of needs including email protection, backup, governance, risk and compliance, and security awareness training.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
3 days ago
- Techday NZ
ReliaQuest launches GreyMatter automation to speed threat response
ReliaQuest has introduced GreyMatter Workflows, a capability designed to accelerate the detection and containment of security threats by automating operational workflows within its GreyMatter platform. GreyMatter Workflows enables customers to create business-specific automated processes using a no-code, drag-and-drop interface. This functionality aims to reduce the manual effort involved in security operations and enhance response speeds across complex threat environments. Workflow automation The new feature is integrated natively with ReliaQuest's AI-driven security operations platform and automates essential tasks across detection, containment, investigation, and response activities within existing technology infrastructures. GreyMatter Workflows extends automation beyond traditional security tools, facilitating direct interaction with other business units and end users. It also offers integration with services such as Microsoft Teams and Slack, enabling more comprehensive threat verification and communication capabilities. Pre-built workflow templates are provided, based on frequent use cases observed among ReliaQuest's enterprise clients, and can be further customised to suit unique organisational requirements. Security teams can develop and deploy automation processes with zero-code design from initial implementation, and have the option to use AI Agents for more tailored adjustments throughout investigative workstreams. According to ReliaQuest, the adoption of GreyMatter Workflows leads to a reduction in operational complexity, diminishes the need for manual intervention, and shortens incident response times. Customers reportedly experience a 64% decrease in Mean Time to Respond (MTTR) and are able to eliminate more than half of manual response tasks. Customer and industry response "The threat landscape is accelerating, but the operational workflows used to detect and contain those threats haven't kept up," said Brian Foster, President of Product and Technical Operations at ReliaQuest. "Security teams need the ability to automate complex workflows quickly, so they can focus more on managing threats and less on managing tools. GreyMatter Workflows gives our customers the ability to build powerful end-to-end automations to unify all phases of security operations, without leaving the platform." Pat O'Keefe, Head of Global Security Operations and Risk Management at Circle K, commented on the significance of rapid threat management, particularly for organisations with substantial and dispersed operational footprints. "Detecting and containing threats quickly has never been more important in cybersecurity, especially for a business like ours that is distributed across hundreds of locations around the world," said Pat O'Keefe. "Being able to extend our automation capabilities further into our business will help us stay proactive in protecting our brand." Bo Olsen, Security Engineering Manager at Eastern Bank, discussed the evolving direction of daily security operations, emphasising automation as a key priority to allocate resources toward more strategic objectives. "As we look to what's next in cybersecurity, we plan to automate as much as possible of the day-to-day security operations processes so we can spend more time on what matters most to our business," said Bo Olsen. "We can't achieve that level of efficiency with traditional SOAR – an expensive add-on that doesn't deliver the outcomes we really need." Platform details The GreyMatter platform utilises ReliaQuest's Universal Translator, detection-at-source, and Agentic AI components to facilitate connectivity and threat management across cloud, multi-cloud, and on-premises environments. The introduction of Workflows supports ReliaQuest's objective of enabling tailored security outcomes for organisations with differing technology architectures and business needs. With over 1,000 customers and 1,200 staff across six global locations, ReliaQuest continues to offer capabilities in security operations that address the responsiveness and efficiency demands faced by enterprises amid dynamic cybersecurity challenges.
Techday NZ
4 days ago
- Techday NZ
Rapid7 launches agentic AI to boost MDR speed & accuracy
Rapid7 has announced the integration of agentic AI workflows into its security information and event management (SIEM) and extended detection and response (XDR) platform, aiming to change how managed detection and response (MDR) environments handle security threats within security operations centres (SOCs). The newly embedded agentic AI capabilities utilise Rapid7's AI Engine to autonomously execute core investigative tasks traditionally managed by SOC analysts. This development is intended to allow analysts to focus on deeper analysis, reduce investigation times, and enable faster resolution of security incidents for customers. Automation in security operations According to Rapid7, the new workflows are a response to the evolving threat landscape, where AI technologies are used by attackers to mount faster and more sophisticated campaigns. The company claims its agentic AI can handle alert triage with an accuracy rate of 99.93%, reportedly saving SOC teams more than 200 hours per week. The integration of these workflows is part of a wider effort to scale MDR services and improve transparency into the decision-making process when security events are detected and investigated. This is particularly important given the increasing volume and complexity of alerts faced by security teams. "AI isn't just an enhancement to security operations, it's a catalyst for a new era of scale, speed, and strategic decision-making. At Rapid7, we believe AI must be human-centric, transparent and accountable, and built on analyst expertise. The launch of agentic AI workflows for MDR represents the foundational step in our broader vision for agentic AI across the platform. Far more than just automation, this is the beginning of a system capable of intelligent and adaptive decision-making." This statement was made by Laura Ellis, Vice President of AI and Data at Rapid7. Focus on high-impact tasks Agentic AI workflows have been trained on playbooks authored by Rapid7's security operations centre experts and are continually refined through use in real-world scenarios. The company states these workflows aim to improve confidence in organisations' security posture through scalable, repeatable investigations, while ensuring that analysts can reallocate time to higher complexity issues. Further, these workflows are designed to enhance visibility into the reasoning and logic behind AI-driven decisions, providing greater control over the security process and transparency for organisations using the platform. "A world-class SOC optimizes for the 'human' decision moment. With agentic AI workflows, we're using AI to present the right information to enable accurate and fast human decisions that allow organizations to quickly find and stop today's AI-enabled attackers. Agentic AI workflows automate repetitive tasks, surface relevant findings, and provide contextual information to support analyst decision-making. By delivering timely, actionable insights, these workflows improve the quality of decisions being made and empower analysts to move confidently to the next step in the response process." This perspective was shared by Jon Hencinski, Vice President Detection & Response at Rapid7. Industry observations The approach taken by Rapid7 in embedding AI-driven workflows has also been commented on by industry analysts. Craig Robinson, Research Vice President at IDC, remarked: "Successful AI deployment in any cybersecurity platform needs to be thoughtful and planned: from the classification of data through to disciplined workflows and orchestration of detections with responses. Rapid7's approach to AI implementation checks each of these boxes with deliberate, transparent, practical AI processes that deliver real-world efficiencies for its customers." Continuous adaptation Rapid7 highlights that its agentic AI workflows are iteratively improved based on operational data and expert input, aiming to provide both scale and adaptability in cybersecurity environments where attack methods and volumes are continuously evolving. The company asserts that this focus on automation and transparency will result in improved alert fidelity, shorter investigation cycles, and a more strategic allocation of human resources within SOCs. Rapid7's enhanced MDR experience with agentic AI is intended to offer organisations increased command of their attack surfaces while responding to the speed and complexity of AI-driven threats. Follow us on: Share on:
Techday NZ
20-06-2025
- Techday NZ
Hornetsecurity launches AI cyber assistant for Microsoft 365
Hornetsecurity has launched a new AI Cyber Assistant to support its 365 Total Protection Plan 4, featuring tools designed to aid IT security teams and protect Microsoft Teams users from cyber threats. The new solution includes the Email Security Analyst, which automates the handling of reported suspicious emails, and Teams Protection, which is intended to detect and block malicious messages and impersonation attacks within the Microsoft Teams platform. Hornetsecurity has also confirmed updates to its AI Recipient Validation, aimed at preventing email misdirection and data leaks, now integrated into the 365 Total Protection Plan 4 suite. The AI Cyber Assistant is designed to ease workloads for security personnel while equipping end users with information to make informed decisions about potential threats. According to Hornetsecurity, the assistant continually evolves by deploying machine learning technology to support both end users and IT teams within their daily operations. Daniel Hofmann, Chief Executive Officer of Hornetsecurity, said: "To continue enhancing the next-gen security we provide, our new AI-powered Email Security Analyst automates responses to user queries about potential threats, alleviating the workload on SOC and service desk teams, while educating end users on the nature of attacks. IT security personnel benefit by gaining more time to focus on other pressing issues, while end users receive instant feedback, which also encourages them to continue reporting suspicious emails and contribute to the organisation's overall security." Email response automation The Email Security Analyst leverages a large language model to provide automated analysis and response to user-reported emails, reducing the manual review burden on Security Operations Centre (SOC) and IT Admin teams. This automation is intended to improve efficiency in handling suspicious emails flagged by users. As Hofmann explained: "Thanks to growing media attention, end users are becoming more suspicious about incoming emails. While this a welcome and positive development, each email they flag increases the burden on SOC and Service Desk teams to analyse and verify them on a case-by-case basis. Email Security Analyst replaces this traditional manual analysis and significantly reduces the time SOC teams spend on false-positive and negative reports." Providing AI-driven insights for each reported email, the tool assists in training employees to better discern malicious activity, while guiding them on necessary precautions to help strengthen organisational cybersecurity. Hofmann stated further: "Organisations have to strengthen their 'human firewall' by empowering employees to become active participants in their organisation's cybersecurity strategy. Cyber-attacks are constantly increasing, so CISOs and security teams need to strategically allocate resources that strengthen organisational security while upskilling end users to cover any blind spots." Microsoft Teams threat detection The Teams Protection feature aims to provide continuous monitoring and analysis of messages within Microsoft Teams, identifying and alerting users to potential threats using AI-driven detection methods. The technology analyses URLs and pictures within messages, employing supervised and unsupervised machine learning algorithms as well as computer vision models. These models scan for indicators of phishing such as brand logos, QR codes, and suspect text embedded in images. Administrators can remove conversations found to contain malicious messages and block compromised users from accessing Teams, helping to manage threats across Microsoft 365 tenants. Hofmann said: "Instant messaging platforms like Microsoft Teams are increasingly used as a main channel of business communications, and yet they tend to be overlooked as a potential attack vector. However, attackers are sending malicious links and malware both through Teams that are open externally and also via compromised internal Teams accounts. We have therefore developed Teams Protection to address this growing cybersecurity threat." User experience updates The release also brings a redesigned, multitenant control panel for 365 Total Protection, offering a streamlined interface intended to facilitate easier access to security, backup, and compliance features for Microsoft 365 users. The aim is to make administration more efficient while bringing multiple security functions together in a single platform. Hornetsecurity reports that it delivers its products and services through a global partner network, with organisations using the platform for a range of needs including email protection, backup, governance, risk and compliance, and security awareness training.
