Trellix's Director of Strategy Zak Krider reveals how they automated tedious security tasks like event parsing and threat detection using Amazon Bedrock's multi-model approach, achieving 100% accuracy while eliminating bottlenecks in their development lifecycle.

Topics Include:

• Trellix merged FireEye and McAfee Enterprise, combining two decades of cybersecurity AI expertise
• Processing thousands of daily security events revealed traditional ML's weakness: overwhelming false positives
• Two years ago, they integrated generative AI to automate threat investigation workflows
• Amazon Bedrock's multi-model access enabled rapid testing and "fail fast, learn fast" methodology
• Built custom cybersecurity testing framework since public benchmarks don't reflect domain-specific needs
• Agentic AI now autonomously investigates threats across dark web, CVEs, and telemetry data
• AWS NOVA builds investigation plans while Claude executes detailed threat research analysis
• Launched "Sidekick" internal tool with agents mimicking human developer onboarding processes
• Chose prompt engineering over fine-tuning for flexibility, cost-effectiveness, and faster iteration
• Automated security rule generation across multiple languages that typically require unicorn developers
• Achieved 100% accuracy in automated event parsing, eliminating tedious manual SOC work
• Key lesson: don't default to one model; test and mix for optimal results

Participants:

• Zak Krider - Director of Strategy & AI, Trellix

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/