How Ivanti hopes to redefine cybersecurity with AI

Join today’s leading executives online at the Data Summit on March 9th. Register here.

Widening gaps in cybersecurity tech stacks are leaving enterprises vulnerable to debilitating attacks. Making matters worse, there are often conflicting endpoints, patch management and patch intelligence systems that partially support a small subset of all devices. CISOs tell VentureBeat that gaps in their cybersecurity tech stacks are getting wider because their legacy systems can’t integrate across unified endpoint management (UEM), asset management, IT Service Management (ITSM) and cost management data available in real time to optimize cybersecurity deterrence strategies and spending.

AI is core To Ivanti’s enterprise vision 

Ivanti’s quickness in using AI and machine learning to take on these challenges is noteworthy. In the span of fewer than eighteen months, they’ve delivered their AI-based Ivanti Neurons platform to enterprise customers and continued to innovate it. The company first introduced the Ivanti Neurons platform in July 2020, empowering organizations to autonomously self-heal and self-secure devices and self-service end users. 

Since then, Ivanti has released updates and added innovations to the platform on a quarterly basis to further help customers quickly and securely embrace the future of work. For example, Ivanti recently released Ivanti Neurons for Zero Trust Access, the first AI-based solution to support organizations fine-tuning their zero trust frameworks. The company also introduced Ivanti Neurons for Patch Management, a cloud-native solution that enables IT teams to efficiently prioritize and remediate the vulnerabilities that pose the most danger to their organizations.

In the same period, Ivanti acquired MobileIron, Pulse Secure, Cherwell, RiskSense, and the Industrial Internet of Things (IIoT) platform owned by the WIIO Group. Their total addressable market has doubled due to these acquisitions, reaching $30 billion this year, growing to $60 billion by 2025. Ivanti has 45,000 customers, providing cybersecurity systems and platforms for 96 of the Fortune 100. 

Ivanti is successfully scaling its AI-based Neurons platform across multiple gaps in enterprises’ cybersecurity tech stacks. VentureBeat recently spoke with Ivanti’s CEO, Jeff Abbott, and president and chief product officer Nayaki Nayyar to gain further insight on Ivanti’s growth and success . The company’s executives detailed  how Ivanti’s approach to integrating AI and machine learning into its Neurons platform will help its customers anticipate, deter and learn from a wide variety of cyberattacks. 

The Ivanti Neurons platform relies on AI and machine learning to deliver contextual intelligence across the three core areas of self-service, self-security, and self-healing, anticipating and alleviating potential disruptions before they occur.

VentureBeat: Why do new customers choose an AI-based solution like Ivanti Neurons over the competing, substitute solutions in the market? 

Jeff Abbott: We’re looking to AI, machine learning, and related technologies to create a richer experience for our customers while continually delivering innovative and valuable new capabilities. We’re leveraging AI & machine learning bot technology to solve common challenges that our customers are facing. The example I like is discovery. The process of understanding what’s on a network. I talk to customers all the time, and one that comes to mind is a superintendent of a school district who said, “Every six months we send out teams to go to all the various locations of various schools and see what’s on the network physically or we run protocols on site. Now with your bot technology, we can do that on a nightly basis and discover what’s there.” That’s an example of how our unified platform increases visibility for our customers, while continually staying on top of security standards.

It’s fascinating to consider all the opportunities the metadata from UEM, IT service management (ITSM) / IT asset management (ITAM), and cost management systems provide. Having the metadata from all three systems on a single pane of glass becomes very interesting to what we can tell customers about their operations down to the device level. Creating a data lake based on the metadata becomes a powerful tool. Having a broad base of contextual data to analyze with the Ivanti Neurons platform enables us to gain a new understanding of what’s happening. We’re relying on AI and machine learning in the context of the Ivanti Neurons platform to scale from providing basic information up to contextually intelligent insights our customers can use to grow their businesses.  

Nayaki Nayyar: I was in the oil and gas industry for 15 years, working with Shell and Valero Energy for many years. So, I’ve lived in the customer’s shoes and can empathize with three big problems they’re facing today, regardless of the industry they are in

The first is the explosive growth of edge devices, including mobile devices, laptops, desktops, wearables and, to some extent, IoT devices. That’s a big challenge that everyone has to address. Then the second problem is ransomware. Not a single day goes by without a ransomware attack. And the third is how to provide a great customer experience that equals the quality of everyday consumer experiences. Solving how to bring a consumer-grade experience into an enterprise context is an area we’re prioritizing today. 

Our goal is to automate tasks beneath the user experience layer of our applications, so our customers don’t have to worry about them; let AI, machine learning, and deep learning capabilities heal endpoints, using intelligent bots for endpoint discovery, self-healing, asset management and more. Our goal is to provide customers with an experience where the routine tasks are managed autonomously, so they don’t have to. The Ivanti Neurons platform is designed to take on these challenges and more. 

VentureBeat: How are you fine-tuning your algorithms to fight ransomware so that your customers don’t have to become data scientists or consider recruiting a data scientist?

Nayaki Nayyar: I will highlight two distinct AI capabilities that we have to address your exact question on preventing ransomware.  We have what we call Ivanti Neurons for Edge Intelligence, which provides a 360-degree view of all the devices across a network, and using NLP, we’ve designed the platform so it’s flexible enough to respond to questions and queries. An example would be, “How many devices on my network are not patched correctly or have not been patched for these specific vulnerabilities?” The Ivanti Neurons platform will automatically respond to simple text-based and keyword searches. So, our customers can ask a question using natural language, and the system will respond to it.

We’ve also developed deep expertise in text ranking. We mine data from various social channels, including Twitter, Reddit, and publicly available sources. We then do sentiment analysis on various Common Vulnerabilities and Exposures (CVEs) that are trending and sentiment analysis on the patches. Then we provide those insights in Ivanti Neurons for Patch Intelligence. Using NLP, sentiment analysis, and AI, Ivanti Neurons for Patch Intelligence provides our customers’ administrators with the insights they need to prioritize which CVEs have the highest risks for their organization and then remediate those issues immediately. That doesn’t require data scientists to be employed by our customers. All of that is being embedded into our stack, and we make it simple for customers to consume it.

Jeff Abbott: We’re also constantly doing research on ransomware and vulnerabilities. In fact, we just released our Ransomware Spotlight Year-End Report. The analysis shows that the bad actors target organizations that are not keeping up with CVEs.

Not keeping up with zero-day vulnerabilities and defining a plan for addressing them can make any organization a gazelle in the middle of the field. So, as Nayaki said, we’re providing patch intelligence to help our customers prioritize which vulnerabilities are most important to address first. One of the factors that led to us acquiring RiskSense is their extensive data set on detection. We’re using the data to provide forward intelligence on the open vulnerabilities and help our customers anticipate and fix them quickly. We’re seeing that our mid-tier and SMB accounts need patch intelligence as much as our enterprise customers.

VentureBeat: How does AI deliver measurable value for customers? How do you quantify that and know you are meeting expectations with customers, that you’re delivering value?

Nayaki Nayyar:  For many years, solving security, IT or asset issues was a reactive process. Every customer called or filed a ticket right after the issue happened, reporting the issue. The ticket was created, then it was routed to the right service desk agent to solve it. But that took too much time, possibly ten days later or even a month later, before the ticket was resolved.

The Ivanti Neurons platform is designed to detect security, IT, asset, endpoint, or discovery issues before the end-user knows that issue will happen. Our bots are also designed to be self-healing and they can detect whether it’s a configuration drift that has happened on a device, or whether it is a security anomaly or a performance issue. Bots automatically heal those issues, so end users don’t even have to create a ticket and route the ticket to get a resolution.

If we can help customers reduce the number of issues by 30% or more before end users even create tickets, then that represents a massive cost saving. Not to mention the speed and accuracy at which those services are provided. 

VentureBeat: Which customer needs are the most urgent and best met by expanding the AI capabilities of your Ivanti Neurons platform?

Nayaki Nayyar: Today, discovering unknown assets or endpoints is an urgent, high-priority requirement. The greatest challenge is blind-spot detection within an organization. We’ve architected Ivanti Neurons to detect blind spots across enterprise networks. Our customers are using Neurons to identify assets regardless of their locations, whether they are in data centers, cloud assets, endpoints, or IoT assets.

Discovery is most often step one for our customers on the Ivanti Neurons platform because it helps them turn their unknown assets into known assets immediately. They don’t need to remediate and self-heal devices right away; that can come later in the asset cycle. Ivanti Neurons for Discovery are a critically important solution that customers get immediate benefit from and then can expand upon.

Most customers have what we call a Frankenstein’s mess of tools and technologies to manage their devices By combining our Neurons platform with the technologies from our recently acquired companies, we’re now providing a single pane of glass, so an analyst can log in, see what device types are on the network, and manage any endpoint security or asset management problems right from there.

Jeff Abbott: Patching is overly complex and time-consuming, and that’s a huge problem our customers also face. Ivanti Neurons for Patch Management and Patch Intelligence help solve those challenges for our customers. We’re focused on improving user experiences to make AI and NLP-based patch management and intelligence less intimidating. Our focus is specifically on helping our customers keep up with the latest zero-day vulnerabilities and CVEs that could impact them. We focus on solving the biggest risk areas first using Ivanti Neurons, alleviating the time-consuming work our customers would otherwise have to go through.

VentureBeat: What are the Ivanti Neurons platform’s top three design goals, and how do you benchmark success for those?

Jeff Abbott: Our primary goals are for the Ivanti Neurons platform to discover devices, and then self-heal and self-secure themselves using AI-based workflows and technologies. Our internal research shows that customers using Neurons are experiencing over 50% reductions in support call times. They’re also eliminating duplicate work between IT operations and security teams and reducing the number of vulnerable devices by 50%. These stats are all from customer surveys and anonymized actual results. Ivanti Neurons is also contributing to reducing unplanned outages by 63%.

Nayaki Nayyar:  Adding to what Jeff said, the entire architecture is container-based. We leverage containers that are cloud-agnostic, meaning we can deploy them anywhere. So, one goal is not just to deploy to the cloud, but also to drop these containers on the edge in the future so that we can process those workloads at the edge, closer to where the data is getting generated.

The platform is also all API-based, so the integration we do within the stack is all based on APIs,  This means that our customers don’t need to have the entire stack. They can start anywhere and evolve at their own pace. They can start in the security space in patch management and move from there. Or they can start in service management or discovery. They can start anywhere and evolve everywhere. And we also recognize that they don’t need to have just Ivanti’s entire stack. They can be using two or three pillars from us and other systems and platforms from other vendors. 

VentureBeat: Do you see customers moving to an AI-based platform to scale zero trust initiatives further out?

Nayaki Nayyar: Yes, we have a large manufacturing customer who was evolving from VPN-based access into zero trust. This is a big paradigm shift. With VPN-based access, you’re pretty much giving users access to everything, whereas, with a zero-trust approach, you’re continuously validating and authenticating every application access. As the customer was switching to zero trust, their employees were running into many “access denied” issues. The volume of tickets coming into the service deck spiked by 500%.

The manufacturing customer started using Ivanti Neurons with AI and ML-based bots to detect what kind of access issues users were having and self-heal those issues based on the right amount of access. The ticket volume immediately went down. So, it was a great example of customers evolving beyond VPN to zero trust access; our technology can help customers advance zero-trust and solve access challenges. 

VentureBeat: What additional verticals are you looking at beyond healthcare? For example, will there be an Ivanti Neurons for Supply Chain Management, given how many constraints they have become in the last year to eighteen months, for example? 

Nayaki Nayyar: I’m extremely passionate about IoT and what’s happening with edge devices today.  The transformation that we see at the edge is phenomenal. We’re designing support for edge devices into the Ivanti Neurons platform today, giving our customers the flexibility of managing IoT assets.

Healthcare is one of the verticals where we have gone deep into discovering and managing our customers’ many healthcare devices, especially those you see in a hospital setting like Kaiser.

Manufacturing facilities or shop floor is another area we are exploring. Our customers have different types of ruggedized IoT devices that we can apply the same principles of discovering, managing, and providing security to the IoT assets on the shop floor. In the future, we also plan on extending into the telco space. We have large telcos as customers, and they’ve been asking us to go more and more into the telco IoT world.

Our telco customers also tell us they would like to see greater support for ruggedized devices their field technicians use out in the field. Retailers are also expressing an interest in supporting ruggedized devices, which is an area we’re exploring today. 

Jeff Abbott: The public sector comprising federal, state, and local have unique requirements, of which Nayaki and I have had several conversations about. Many capabilities for vertical markets are still very horizontal. We’re seeing that as organizations discover the nuances of their use of edge computing and edge technology, more specialized vertical market requirements will become more dominant. I think we’re covering 90% or more of the security requirements now. That’s especially the case in discovery, patch management, and patch intelligence. 

VentureBeat: How do you integrate an AI-based platform into a legacy system tech stack or infrastructure? What are the most valuable technologies for accomplishing that, for example, APIs? 

Nayaki Nayyar:  We have a pretty strong connector base with existing systems. I won’t call them a legacy. We need to coexist with existing systems, as many have been installed for 10 to 15 years at a minimum in many organizations. To accomplish this, we have 300 or more connectors out of the box that can be leveraged by our customers, resellers, and partners. We’re committed to continually strengthening our ecosystem of partners to provide customers with the options they need for their unique integration requirements.   

VentureBeat: Could you share the top three lessons Ivanti has learned, designing intuitive user experiences to guide users using AI-based applications?

Jeff Abbott:  I think the most important lesson learned is to provide every customer, from SMBs to enterprises, data-driven insights that validate AI is performing appropriately. Ensuring that self-healing, self-servicing, and all supporting aspects of Ivanti Neurons protect customers’ assets while also contributing to more efficient ITSM performances.

When it comes to preventing ransomware attacks, the key is to always provide users with the option of performing an intuitive double-check. One day your organization could be very healthy. But, on the other hand, you may not be paying attention to the intuitive signals from AI, which could lead to the organization falling victim to an attack. Taking an active position on security, which includes knowing your organization’s tools and understanding what they can achieve, is important. 

Nayaki Nayyar: User experiences require a three-prong approach. Start by concentrating first with humans in the loop, recognizing the unique need for contextual intelligence. Next, add the need for augmented AI, and then the last level of maturity is humans out of the loop.

For customers, this translates into taking the three layers of maturity and identifying how and where user experience designs deliver more contextual intelligence. The goal with Ivanti Neurons is to remove as many extraneous interactions with users as possible, saving their time only for the most unique, complex decision trade-offs that need to be made. Our goal is to streamline routine processes, anticipate potential endpoint security, patch management, and ITSM-related tasks, and handle them before a user sees their impact on productivity and getting work done.  

VentureBeat: With machine learning models so dependent on repetitive learning, how did you design the Ivanti Neurons platform and related AI applications to continually learn from data without requiring customers to have data scientists on staff?

Nayaki Nayyar: We’re focused on making Ivanti Neurons as accessible as possible to every user. We’ve created an Employee Experience Score, a methodology to identify how effective our customers’ experiences are on our platform to achieve that. Using that data, we can tell which application workflows need the most work to further improve usability and user experiences and which ones are doing so well that we can use them as models for future development.

We’re finding this approach to be very effective in quantifying [whether] we’re meeting expectations or not by individual, employee, division, department, and persona. This approach immediately gets organizations out of using ticket counts as a proxy for user experience. Closing tickets alone is not the SLA that needs to be measured alone. It’s more important to quantify the entire experience and seek new ways to improve it. 

VentureBeat: How do you evaluate potential acquisitions, given how your product and services strategy moves in an AI-centric direction? What matters most in potential acquisitions?

Jeff Abbott: We’re prioritizing smaller acquisitions that deliver high levels of differentiation via their unique technologies first, followed by their potential contributions to our total addressable markets. We’re considering potential acquisitions that could strengthen our vertical tech stack in key markets. We’re also getting good feedback directly from customers and our partners on where we should look for new acquisitions. But I’d like to be clear that it’s not just acquisitions. 

We also have very interesting partnerships forming across industries, focusing on telco carriers globally. Some of the large hardware providers have also proposed interesting joint go-to-market strategies, which we think will be groundbreaking with the platform. We’re also looking at partnerships that create network effects across our partnership and customer base. That’s what we’re after in our partnership strategy, especially regarding the interest we’re seeing on the part of large telco providers today. So, we’re going to be selective. We will go after those that put us in a differentiation category. The good news is that many nice innovative companies are getting into that level of maturity.

Where we can partner or acquire them, we’re focused on not disrupting the trajectory they’re on. It creates a much bigger investment portfolio to continue to advance those solutions.

Nayaki Nayyar: We’re very deliberate in what acquisitions we do for two primary reasons. One is to strengthen the markets that we play in. We compete in three markets today, and our recent acquisitions strengthen our position in each. Our goal is to be among the top two or top three in each market we’re competing in. An integral part of our acquisition strategy is looking at how a potential acquisition can increase our entire addressable market and gain access to adjacent markets that we can start to grow in. 

We are in three markets: UEM, security, and service management. As we’re converging these three pillars into our Ivanti Neurons platform, we are evolving into adjacent markets like DEX (Digital Experience Management)  So far, our approach of relying on acquisitions to strengthen our core three markets is working well for us. To Jeff’s point, strengthening what we have to further to be a top vendor in these markets is working, delivering strong, differentiated value to our customers.

Originally appeared on: TheSpuzz