NEC began selling a new version of “NEC Supply Chain Security Management for Networks,” which ensures the authenticity of network devices and visualizes threats. It adds features to efficiently filter alerts using AI and prioritize vulnerability responses. The new features include the use of AI and the selection and prioritization of vulnerabilities to automatically present information on alerts and vulnerabilities that should be addressed, taking into account the user’s environment and actual operational status. This prevents items that require special attention from being overlooked, reduces the burden of operational monitoring work, and supports transparent decision-making by reducing subjective judgment. The specific functions and features are as follows: Efficient alert filtering: Using NEC’s unique AI technology, the product learns and analyzes the behavior of operators based on the log data of network devices collected by the product, and automatically extracts monitoring items. This prevents unauthorized use/access from being overlooked, which previously occurred due to subjective selection.
In addition, even for events that pose a risk of being “different from usual,” for which it is difficult to define rules for extracting alerts, the AI detects abnormal logins or operations and issues an alert, making it possible to reduce the number of alerts that operators and administrators need to visually check by up to approximately 90% compared to conventional methods. Prioritization of vulnerability responses: The vulnerability information collected by the product is analyzed from multiple angles using the vulnerability assessment framework “SSVC (Stakeholder-Specific Vulnerability Categorization) method. Vulnerabilities are then automatically classified by priority according to the characteristics of the user’s network environment, and the timing of response is displayed as a guide to action. By determining the priority of vulnerability responses based on the impact of the vulnerability information and device information, it is possible to reduce manual analysis labor while maintaining accurate risk assessment and transparency in response decisions.
Also Read: NTT AI-CIX, Retail AI Launch DX Firm for Supply Chains
Furthermore, verification in NEC’s in-house environment has confirmed that the number of vulnerabilities that should be prioritized is narrowed down to about 60% compared to conventional methods. The product is available in a service version and a software version , and the service version will be released first. With this enhanced functionality, NEC aims to automate security operations and management, reducing the burden on operations managers and strengthening their response capabilities, thereby helping to improve security across organizations and promote safe digital transformation.
SOURCE: Yahoo