NTT scrubs 'dirty networks' with AI threat sensor

Cyber Threat Sensor AI (CTS-AI) is a virtual appliance built into the MDR platform, and can be accessed through a mobile app to secure customer applications and workloads in AWS.

Kelsey Ziser, Senior Editor

November 8, 2021

3 Min Read
NTT scrubs 'dirty networks' with AI threat sensor

NTT is beefing up its Managed Detection and Response security platform with a new threat sensor integrated with Amazon Web Services. The new security feature, Cyber Threat Sensor AI (CTS-AI), is a virtual appliance built into the MDR platform, and can be accessed through a mobile application to secure customer applications and workloads in AWS.

"[CTS-AI] focuses not only on the quality and the capability of the cyber security detection and response, but also the ease of use, which is why we launched it into the cloud service provider's marketplaces," Greg Garten, CTO of NTT Security, told Light Reading.

The initial release of CTS-AI, which was developed in-house at NTT, is targeted at small and mid-sized businesses, and is available on a free trial period service for the near future, explained Garten.

"This tool picked up indicators that none of our other controls detected, giving us the real-time capability to detect and remediate cyber threats at the first stage of an attack," said MMC Hardmetal, one of NTT's industrial customers, in a statement.

The majority of NTT's security customers tend to be larger enterprises but Garten's goal is to deliver the learnings from working with larger customers by developing security products that are useful down market. There's plenty to be learned from examining smaller organizations' security challenges as well, he adds.

"It's vice versa – there are also really good learnings we get, for lack of a better phrase, from 'dirty networks,'" said Garten. "A lot of the dirty networks are in the lower tier of customers because they don't have that budget or know-how to protect against that. To a degree, they're worse off than larger customers – not in the sense that they're more targeted but in the sense they have to deal with more stuff because they don't have the staff or budget to make up for it. That's where CTS-AI will help."

While the CTS-AI threat detection service utilizes ML and AI, it's also supported by NTT's security team to provide "human-validated threat intelligence" to decrease the number of false positives, i.e. checking that an alert is triggered by an actual threat. Threats are continuously validated to provide accurate categorization and prioritization of those threats.

"Many times, even outside of our own detection capabilities, third-party detection capabilities have various ranges of quality – signatures may be good or bad and they also change over time, depending on updates to the signatures or the mutations of the threats themselves," said Garten. "That information is shown to an analyst, they validate it, and the verdict goes back in to teach the platform."

CTS-AI was initially used by enterprises impacted by the SolarWinds supply chain breach, and NTT has continued to update CTS-AI's capabilities since then. Customers can use CTS-AI via an app on their mobile devices, and can view activity logs and reports in the app or on a web interface. In addition, they can customize policies and select the type and frequency of threat alerts.

"Not only the technical enablement of the product itself is pushed into the customer's cloud but also billing and subscription management all happens through AWS," said Garten. "Once the appliance is activated in their virtual private cloud, there's a mobile app that they're directed to download in the app stores, which connects directly to their information – their data that's being processed – and the alerts and being derived from that data."

Garten adds that NTT plans to eventually integrate CTS-AI with Microsoft Azure as well.

— Kelsey Kusterer Ziser, Senior Editor, Light Reading

About the Author(s)

Kelsey Ziser

Senior Editor, Light Reading

Kelsey is a senior editor at Light Reading, co-host of the Light Reading podcast, and host of the "What's the story?" podcast.

Her interest in the telecom world started with a PR position at Connect2 Communications, which led to a communications role at the FREEDM Systems Center, a smart grid research lab at N.C. State University. There, she orchestrated their webinar program across college campuses and covered research projects such as the center's smart solid-state transformer.

Kelsey enjoys reading four (or 12) books at once, watching movies about space travel, crafting and (hoarding) houseplants.

Kelsey is based in Raleigh, N.C.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like