OptOSS AI v.10.1 - Release

We are excited to announce the new release of OptOSS AI 10.1®. This release introduces new GenAI functionality to identify and react on cybersecurity threats, help with complex root cause analysis cases, improves operational visibility, strengthens audit and security controls, enhances monitoring functionality for complex ICT systems, and includes multiple ergonomics and usability improvements designed to support more efficient large ICT systems operations.

‍

🚀 What's New

1. CyberSecurity AIKP

OptOSS AI v.10.1 introduces a new feature for the automatic detection and rapid response to cyber security incidents. This functionality is powered by the CyberSecurity AIKP. The AIKP continuously analyzes received events, autonomously identifies security threat patterns, finds the source of the attack, and performs an analysis. It then creates comprehensive reports within the application and sends external notifications to the ticketing system. Each newly created incident ticket is pre-populated with the analyzed data, ensuring all necessary information is available for follow-up and correspondence with relevant remote abuse departments. In the GUI, security incidents are only considered resolved when the corresponding ticket in the monitoring system is marked as resolved.

‍

The CyberSecurity AIKP capabilities include:

• Automatically identifying cyber security attacks from the events received from devices.
• Analyzing and calculating the number of security threats per country, organization, or network.
• Identifying the affected device and the attacker’s source (IP address, country, AS-number, provider identity).
• Tracking the history and the total number of security attack attempts per source host.

These capabilities help security personnel automate incident response and immediately react to security incidents, significantly reducing administrative overhead related to compliance reporting.

‍

The AIKP deeply analyzes the potential cyber security incident and classifies the threat. It then creates a security incident ticket in the monitoring system, following pre-configured business logic. The ticket includes an on-prem LLM-generated abuse report containing:

• The Attacker host IP address
• Evidences of the attack
• The abuse email address for sending the report, along with justification for how it was found
• Contact data for the company’s security incident responding team

‍

2. Root Cause Analysis Module

A new on-prem LLM based root cause analysis module helps with analysis of complex issues spanning multiple devices where unexpected behavior on one device is caused by a problem on another device

Operators can use the Root Cause Analysis (RCA) module of OptOSS AI Assistant to automatically find the root cause of an issue. OptOSS AI automatically monitors devices exhibiting unexpected behavior and the devices that triggered that behavior. The RCA module analyzes events from all affected devices to suggest the root cause. This functionality significantly reduces the time required for live troubleshooting during an ongoing crisis, post-incident analysis (post-mortem), and automated resolution upon problem re-occurrence.

‍

3. Improved GUI design

The OptOSS AI GUI has undergone multiple changes to enhance ergonomics and convenience for daily operations. Key improvements include:

• Operators now have the flexibility to choose their preferred color mode (light or dark) via a new selector, adapting the GUI display based on their shift or the time of day.

‍

• The system menu has been redesigned and is now available on every page in the application.

‍

‍

• More intuitive journaling view

‍

⭐ Enhancements

1. Improved sensor visualisation data in history view

Periods where sensor data polling is unsuccessful or times out are now clearly indicated in the history view with a dashed line.

‍

2. Improved Archiving logic

When a loaded archive is scheduled for deletion due to retention policy, the system now notifies the user in the GUI, prompting them to manually unload it. Deletion from the system will only occur after the archive has been successfully unloaded from the online storage in the database.

‍

3. Improved network protocol audit logic

The network protocol audit logic has been enhanced with a static route audit plugin, allowing OptOSS AI to use static routes to discover peering routers. For both static routes and external BGP peers, we have introduced the concept of "partner." Importantly, a peer discovered over these two protocols is added to the device inventory list only when explicitly allowed by the OptOSS AI administrator.

‍

In addition to the features listed above, this release includes numerous stability improvements, performance optimizations, and issue corrections across the platform.

‍

‍To find out more, please, contact us at info@opt-net.eu or fill in the contact form at: Get demo