Tuskira Unveils Federated Detection Engine at RSAC 2026
嗯,用户让我总结一下这篇文章的内容,控制在100字以内,而且不需要用“文章内容总结”这样的开头。首先,我需要通读整篇文章,抓住主要信息。 文章主要讲的是Tuskira在2026年的RSA大会上发布了一个新的联邦检测引擎,这个引擎是他们Agentic SecOps平台的一部分。这个引擎可以让安全团队实时检测分布在云端、身份、终端、网络、SaaS、基础设施和传统SIEM环境中的威胁,而不需要先集中日志。 传统的方法依赖于将数据拉到一个集中的日志架构中,然后手动编写和维护检测规则。Tuskira认为这种方法太慢太贵了,特别是面对现代攻击在分布式环境中移动的情况。他们的联邦检测引擎把检测逻辑带到数据所在的地方,减少了对传统SIEM基础设施和人工规则管理的依赖。 文章还提到这个引擎连接到平台的四个核心功能:源检测、安全上下文图、自主分诊和调查、以及通过现有工具堆栈进行响应。客户反馈显示检测变得更动态,分析师可以更专注于真实威胁,并且价值实现快。 总结起来,Tuskira推出了一种新的联邦检测引擎,改变了传统的安全运营模式,提升了实时威胁检测能力,并减少了对集中日志和手动规则的依赖。 </think> Tuskira推出联邦检测引擎,在其Agentic SecOps平台上实时跨多环境检测威胁,无需集中日志。该引擎减少对传统SIEM依赖,通过分布式数据源直接生成检测信号,并结合AI分诊和自主调查功能提升效率。客户反馈显示其显著提升威胁响应速度和准确性。 2026-3-23 23:8:48 Author: securityboulevard.com(查看原文) 阅读量:3 收藏

Avatar photo

Tuskira announced its Federated Detection Engine at RSA Conference 2026, adding a new capability to its Agentic SecOps platform that lets security teams detect threats in real time directly across cloud, identity, endpoint, network, SaaS, infrastructure, and legacy SIEM environments without centralizing logs first.

The traditional model of detection engineering depends on pulling data into a centralized log architecture, then writing and maintaining detection rules manually. Tuskira argues that model is too slow and too expensive for how modern attacks move across distributed environments. The Federated Detection Engine brings detection logic to where data already lives, significantly reducing dependency on traditional SIEM infrastructure and human-operated rule management.

“Every second we delay, adversaries are using AI to accelerate their attacks,” said Piyush Sharma, Co-founder and CEO of Tuskira. “Our triage automation is worthless if detection can’t keep pace, and right now, it can’t. The most critical layer of our SOC remains manual and legacy-dependent. This isn’t a future problem. It’s happening now, and the window to act is closing. Tuskira removes the cost and aggregation constraints as detections happen where the data lives, signals are correlated through shared context, and AI triage continuously separates real threats from noise.”

The Federated Detection Engine connects to four core functions within the Tuskira platform. Detection at the Source generates detections directly across distributed data sources, reducing centralized log costs. A Security Context Graph correlates identities, assets, and attacker activity into a unified threat model to expose APT activity and breach paths. Autonomous Triage and Investigation continuously validates detections, reduces false positives, and prioritizes what represents real breach risk. Response through the Existing Stack translates validated findings into targeted containment actions driven through tools the customer already uses.

A CISO at a global industrial enterprise noted: “Tuskira changed how our SOC operates. Detections are no longer static, and our analysts spend less time chasing noise and more time focused on real threats. We also started seeing value quickly, without waiting months for a large-scale data migration or pipeline re-engineering.”

Tuskira positions the release as an extension of its broader Agentic SecOps platform, which is built on what the company calls a Unified Intelligence and Distributed Detection philosophy. The Federated Detection Engine is available now.


文章来源: https://securityboulevard.com/2026/03/tuskira-unveils-federated-detection-engine-at-rsac-2026/
如有侵权请联系:admin#unsafe.sh