
Cyware Quarterback AI

What is Quarterback AI?

Quarterback AI is Cyware’s intelligent assistant, designed to streamline security analysts' workflows by automating routine tasks such as threat intelligence investigation, incident response, and more. It uses advanced prompt processing and task automation, and integrates seamlessly with other tools to boost analyst efficiency.

Quarterback AI Features

You can leverage the following Quarterback AI features to streamline your security tasks:

Automates complex security workflows by performing actions through natural language prompts with your configured applications.


How Does It Work?

  • Configure Apps: Configure the applications required to perform security tasks. Quarterback AI uses these apps to perform actions based on your prompts. To install and configure apps, go to Quarterback AI > Apps. For more information, see Install and Configure Apps.

  • Perform Actions: When you enter a prompt, Quarterback AI analyzes it and performs the corresponding action using the configured apps.

    Note

    To know more about prompts, see Sessions and Prompts.

Quarterback AI may prompt you to take the following actions to process your request:

  • If additional input is required to perform an action, Quarterback AI will prompt you to provide it.

  • If multiple app actions match your prompt, you will be asked to select the appropriate one.

  • If an action creates or updates data, Quarterback AI will ask for your confirmation before proceeding.

Ask security-related questions and get real-time, actionable answers with Quarterback AI, your virtual assistant that guides you through procedures and helps you take swift action.


How Does It Work?

Enter your security-related question in the prompt box, and Quarterback AI will return a relevant and accurate response. For example, if you ask "How do I create an incident in Respond?", Quarterback AI will return step-by-step instructions along with a link to the relevant documentation.

If you ask a question outside the scope of security, Quarterback AI may not provide a relevant response.

Note

To know more about prompts, see Sessions and Prompts.

Use Cases

The following are example use cases of Quarterback AI:

Use Quarterback AI to accelerate investigations and improve response by automating threat intel workflows. Here are some example steps to help you get started:

  1. Search for indicators in SIEM tools

    Prompt: Look up the indicator in Splunk Enterprise and IBM QRadar for any matches.

  2. Analyze results in EDR

    Prompt: Look up the indicator in SentinelOne for any matches.

  3. Create incidents in response tools

    Prompt: Create an incident in Respond for further investigation.

  4. Automate threat response and communication

    Prompt: Send an email via Cyware Email Service to inform the security team or create an incident in Jira Software Cloud for tracking and resolution.

Use Quarterback AI to streamline your response to compromised credential alerts across identity and access management systems. Here are some example steps to help you get started:

  1. Detect credential compromise in IAM/AD

    Prompt: Check if john.doe@example.com exists in Okta.

  2. Review user activity and password changes

    Prompt: Is the user john.doe@example.com active? When was the last password change?

  3. Automate password reset and incident creation

    Prompt: If the password was not reset after the compromise date, reset it, notify the user via email, and create a ServiceNow ITSM incident.

  4. Notify affected users

    Prompt: Send an email using Cyware Email Service to john.doe@example.com notifying them that the password has been reset due to a security breach.

Use Quarterback AI to stay informed about evolving threats targeting your industry and proactively mitigate risks. Here are some example steps to help you get started:

  1. Identify top threat actors

    Prompt: Who are the top threat actors in the healthcare industry this year?

  2. Understand common attack techniques

    Prompt: What are the common techniques used by the threat actor APT28 against healthcare organizations?

  3. Plan preventative measures

    Prompt: What measures can be taken to prevent ransomware attacks in healthcare?