Tuskira launches AI Analyst Workforce to automate threat defence
The new solution introduces a fleet of specialist AI agents for different stages of the detection-to-response workflow, replacing much of the manual effort required by security teams with automated, goal-driven systems. According to Tuskira, this advancement moves security automation beyond current agentic AI and provides a dedicated AI analyst for every significant step in the detection and defence process.
The platform aims to tackle high-priority cybersecurity issues, including the rise of AI-facilitated attacks and the operational impacts of alert fatigue and analyst burnout. Tuskira's system enables both human-machine collaboration and fully autonomous execution in areas such as triage, validation, and rapid response. The company states that its AI Analysts have the capacity to simulate real-world cyberattacks, assess the robustness of defensive measures, and autonomously respond across multiple security technologies.
Piyush Sharma, Chief Executive Officer and co-founder of Tuskira, highlighted the challenges security teams face. "Security teams are overwhelmed because they lack the time and resources to respond to what they're detecting fast enough," said Sharma. "Tuskira replaces manual triage with an autonomous AI workforce that validates exposures, closes the loop from detection to defense, and keeps teams ahead of threats, without burning them out."
Among its features, the solution provides Autonomous SIEM Optimisation, which continually evaluates detection coverage, enriches alerts with context, and modifies rules to cut down on false positives and eliminate any blind spots. Tuskira says this upgrade can replace static detection mechanisms with adaptive, evolving defences—reducing the demand for ingesting superfluous log data and improving the cost-efficiency of security operations.
Highlighting the business impact, early users of Tuskira's platform have seen a 99% reduction in alert noise and a 50% faster response to threats. Further metrics include an 80% reduction in manual triage caused by automated signal enrichment and a 50% reduction in operational costs by supplementing existing staff with AI Analysts.
Tuskira's AI Analyst Workforce includes purpose-built agents mapped to the traditional roles found in security teams such as VM, SOC, GRC, and AppSec, delivering measurable KPIs for each. Each specialised AI Analyst operates across the stack, leveraging AI-curated data from over 150 security tools and a digital twin of the client's digital environment to identify real risks and prompt necessary actions.
The core analysts within the automated roster include a Zero-Day Analyst for detecting new attack types using anomaly models and threat intelligence and providing proactive mitigation with current controls. The Threat Intel Analyst works to correlate emerging indicators of compromise and tactics, techniques, and procedures with internal telemetry to uncover stealthy threats in context.
Other specialised roles encompass the Defence Optimisation Analyst, tasked with real-time simulation of threats and tuning controls; the Vulnerability Analyst, which assesses the true risk of vulnerabilities; and the Alert Analyst, which handles alert triage and generates remediation actions for risks such as lateral movement and exposed credentials.
Tuskira's technology incorporates continuous Autonomous SIEM Optimisation intended to ensure that the system adjusts dynamically to changing threats, continuously enriching threat alerts and tuning security rules. This is designed to support teams in maintaining high signal fidelity without an excess of false alarms or unnecessary data ingestion.
The firm identified urgent priorities for their platform as preventing breaches through AI-powered Continuous Threat Exposure Management, analysing and responding to zero-day threats with behaviour-based intelligence, and improving alert investigation and resolution across identity, endpoint, and infrastructure domains.
The company's mission, as stated, is to deploy self-learning AI analysts that maintain and manage cybersecurity risks, turning static defences into adaptive, self-tuning systems. Tuskira's agents work to autonomously analyse incoming threats and vulnerabilities, validate and optimise defences in real-time, and manage exposures continuously to speed up response, strengthen protection, and reduce operational costs in line with the evolving threat environment.
Whether organisations are coping with advanced cyber threats, high alert volumes, or the need to prioritise vulnerabilities, Tuskira's suite of AI Analysts is positioned to help address these tasks without the typical complexity or strain experienced by human teams.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
21 hours ago
- Techday NZ
DXC, 7AI launch global AI security service to boost efficiency
DXC Technology and 7AI have launched a global strategic partnership that will see the deployment of an AI-powered security operations service across DXC's worldwide customer base. The new initiative, called DXC Agentic Security Operations Centre (SOC), aims to automate core security operations through the integration of 7AI's agentic platform. The two firms stated the platform will reduce manual processing bottlenecks, offering potential time savings of 30 minutes to 2.5 hours per investigation, while significantly lowering false positive rates that typically demand substantial analyst resources. Operational efficiency gains According to data from 7AI, the platform processed more than 568,000 alerts and saved security teams 224,000 analyst hours in 2025 alone, which is equivalent to 112 years of analyst work and an estimated USD $11.2 million in productivity gains for users. DXC Technology will integrate 7AI's technology into its own managed security services globally, providing autonomous AI agents throughout processes including alert ingestion, risk investigation, and incident remediation. The platform's capabilities are intended to extend beyond simple automation, offering what DXC and 7AI describe as a fundamental change to how managed security is delivered. The use of autonomous agents is designed to scale coverage, offer faster response times, and reduce operational costs for organisations facing an increasing volume of cyber threats. "The use of AI enhances security efforts by boosting efficiency, augmenting human skills, and enabling SOCs to scale and deliver greater value in the face of growing cyber threats. The future of security operations isn't about more tools or more automation, it's about intelligent AI agents that deliver measurably better outcomes. By partnering with 7AI, we're pioneering the next phase of managed security services, delivering better insights, faster response times and, ultimately, superior protections for our customers," said Chris Drumgoole, President, Global Infrastructure Services at DXC. Internal use and results DXC has also implemented 7AI's platform within its own internal security operations centre. According to Mike Baker, DXC's Global Chief Information Security Officer, after deploying 7AI's technology the company observed an 80% reduction in tier 1 SOC analyst time, a 95% drop in the number of tickets needing human analysis, and a 67% cut in mean time to respond for tier 1 and tier 2 operations. How it works The 7AI platform leverages what the company calls Dynamic Reasoning technology, enabling the AI to autonomously decide on investigative actions for novel and previously unseen threats in real time. This approach is designed to avoid reliance on static, pre-written playbooks or rules, and it is intended to further reduce the incidence of false positives and improve incident investigation times. Customers deploying the new DXC Agentic SOC will receive security expert support for implementation and ongoing operations, as well as access to incident response and breach management services. The managed service also includes the provision of anonymised threat patterns, contributing to the continual improvement of threat detection while maintaining strict client data protection standards. Additional services tailored to each customer include governance, risk, and compliance support. Broader industry context The launch of the DXC Agentic SOC comes amid continued expectations that artificial intelligence will play a greater role in cybersecurity operations globally. Both DXC and 7AI stated that partnerships leveraging AI in security operations are set to deliver improvements in speed, scale, and operational cost, compared to traditional, manual approaches. "DXC's global cybersecurity scale - serving hundreds of customers, across 25 delivery centers that process 4.5 million daily security threats – provide the real-world data environment essential for advancing our AI. This combination of proven security leadership and operational breadth makes DXC the ideal partner for delivering truly agentic security solutions to the enterprise market. This partnership validates our vision for a new era where security teams can focus exclusively on security outcomes. DXC customers will experience what it means to have AI agents that continuously improve their understanding of each organization's unique security context," said Lior Div, CEO and Co-Founder of 7AI. 7AI projects that with ongoing adoption, its platform will save customers upwards of USD $100 million in 2025 through further reductions in manual security operations workload and analyst resource needs.
Techday NZ
7 days ago
- Techday NZ
Browser DevTools' gaps leave millions exposed to threats
SquareX has highlighted architectural limitations in browser developer tools that hinder the effective debugging and analysis of potentially malicious browser extensions. According to researchers at SquareX, browser extensions have become ubiquitous tools in both enterprise and consumer environments. However, organisations often rely on trust signals provided by browser extension stores, such as "Verified" or "Chrome Featured" badges, which may not provide genuine assurances about security. The Geco Colourpick case, where 18 malicious extensions distributed spyware to approximately 2.3 million users despite carrying verified statuses, was cited as an example. SquareX security research has identified a key technological issue that complicates extension analysis. Nishant Sharma, Head of Security Research at SquareX, commented: "Aside from the fact that thousands of extension updates and submissions are being made daily, it is simply impossible for browser vendors to monitor and assess an extension's security posture at runtime. This is because existing DevTools were designed to inspect web pages. Extensions are complex beasts that can behave dynamically, work across multiple tabs and have 'superpowers' that allow them to easily bypass detection via rudimentary Browser DevTool telemetry." Sharma added, "In other words, even if browser vendors were not inundated by the sheer quantity of extension submission requests, the architectural limitations of Browser DevTools today would still allow numerous malicious extensions to pass DevTool based security inspections." Background to browser DevTools The current generation of browser developer tools originated in the late 2000s. At that time, they were intended to assist developers and users in debugging websites and inspecting web page elements. Since then, browser extensions have evolved to offer unique capabilities, such as the ability to modify web pages, take screenshots, and inject scripts across multiple sites. These advanced functions cannot be readily tracked or attributed using today's DevTools. For example, SquareX notes that when an extension injects a script into a page to execute a network request, existing DevTools cannot determine whether the request originated from the web page itself or from the extension. This lack of distinction makes the detection of malicious behaviour more difficult. Proposed approach To address these limitations, SquareX researchers have proposed an alternative framework. Detailed in a recent technical blog, the suggested approach combines a modified browser with AI-driven agents. The modified browser would be engineered to expose telemetry critical to understanding the behaviour of extensions. Meanwhile, the Browser AI Agent would simulate different user profiles to trigger various extension actions during runtime. This enables security teams to perform dynamic analysis and uncover behaviours only activated under certain user actions, timed events, or specific device environments. This method is termed the Extension Monitoring Sandbox. According to SquareX, the necessary browser modifications and AI-driven simulation strategies outlined in their research are capable of uncovering "hidden" extension activities that would otherwise remain undetected by traditional developer tools. Enterprise risk SquareX suggests that this architectural gap in browser devtools has contributed to millions of users being exposed to threats. As browser extensions play an increasingly important role in enterprise operations, the company is urging security teams to go beyond reliance on labels or store badges when assessing risk. The revelation of Browser DevTools' architectural limitations exposes a fundamental security gap that has led to millions of users being compromised. As browser extensions become a core part of the enterprise workflow, it is critical for enterprises to move from superficial labels to solutions specifically designed to tackle extension security. It is absolutely critical for browser vendors, enterprises and security vendors to work closely together in tackling what has become one of the fastest emerging threat vectors. Audit offering SquareX is offering a complimentary enterprise-wide extension audit for organisations. The audit leverages all three components of the SquareX Extension Analysis Framework - metadata analysis, static code analysis, and dynamic analysis using the Extension Monitoring Sandbox. This process delivers a comprehensive review of all browser extensions in use across an organisation and provides a risk score for each. The company cites reference material available through public security news sources regarding the prevalence and risk posed by malicious extensions. SquareX continues to promote the need for collaboration between browser vendors, security providers, and enterprises in addressing extension security challenges.
RNZ News
28-07-2025
- RNZ News
Builders awaiting detail on government's bid to drive costs down
A carpenter working in a workshop. Photo: 123rf Builders dealing with astronomical prices for building supplies are keenly waiting to see if the government's intervention will make any difference. The government has opened the door for builders to access approved supplies from overseas - such as plasterboard, cladding systems, external doors, and windows - in an attempt to bring down costs for consumers. Building and Construction Minister Chris Penk said the list would have the potential to reduce total building costs by thousands of dollars when building a home. Builders across New Zealand have faced increasing cost pressures. For example, New Zealand has some of the most expensive plasterboard in the world, paying around 38 percent more than Australia and 47 percent more than the UK, Penk said. Builder and managing director of Substruct Steve Brown said the government's changes were a good thing but wanted to see how it would play out. "Building prices just like everything has pretty much doubled over the last few years," Brown said. He said it is hard for builders to choose a new product that's "not tried and tested". "I've been in the industry for 30 years, there's some products that work and some that don't. So, to pick up a new product is kind of, a little bit scary when you gaurantee something for 10 years," Brown said. Registered Master Builders Association chief executive Ankit Sharma said the government's announcement would help to reduce the construction costs and increase product availability across the sector. "By allowing overseas products that meet standards to be used more readily, we can improve supply chain resilience, reduce delays and ultimately deliver more homes, faster and more affordably," Sharma said. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
