How Ivanti hopes to redefine cybersecurity with AI

Widening gaps in cybersecurity tech stacks are leaving enterprises vulnerable to debilitating attacks. Making matters worse, there are often conflicting endpoints, patch management and patch intelligence systems that partially support a small subset of all devices. CISOs tell VentureBeat that gaps in their cybersecurity tech stacks are getting wider because their legacy systems cant integrate across unified endpoint management (UEM), asset management, IT Service Management (ITSM) and cost management data available in real time to optimize cybersecurity deterrence strategies and spending.

AI is core To Ivantis enterprise vision

Ivantis quickness in using AI and machine learning to take on these challenges is noteworthy. In the span of fewer than eighteen months, theyve delivered their AI-based Ivanti Neurons platform to enterprise customers and continued to innovate it. The company first introduced the Ivanti Neurons platform in July 2020, empowering organizations to autonomously self-heal and self-secure devices and self-service end users.

Since then, Ivanti has released updates and added innovations to the platform on a quarterly basis to further help customers quickly and securely embrace the future of work. For example, Ivanti recently released Ivanti Neurons for Zero Trust Access, the first AI-based solution to support organizations fine-tuning their zero trust frameworks. The company also introduced Ivanti Neurons for Patch Management, a cloud-native solution that enables IT teams to efficiently prioritize and remediate the vulnerabilities that pose the most danger to their organizations.

In the same period, Ivanti acquired MobileIron, Pulse Secure, Cherwell, RiskSense, and the Industrial Internet of Things (IIoT) platform owned by theWIIOGroup. Their total addressable market has doubled due to these acquisitions, reaching $30 billion this year, growing to $60 billion by 2025. Ivanti has 45,000 customers, providing cybersecurity systems and platforms for 96 of the Fortune 100.

Ivanti is successfully scaling its AI-based Neurons platform across multiple gaps in enterprises cybersecurity tech stacks. VentureBeat recently spoke with Ivantis CEO, Jeff Abbott, and president and chief product officer Nayaki Nayyar to gain further insight on Ivantis growth and success . The companys executives detailed how Ivantis approach to integrating AI and machine learning into its Neurons platform will help its customers anticipate, deter and learn from a wide variety of cyberattacks.

VentureBeat: Why do new customers choose an AI-based solution like Ivanti Neurons over the competing, substitute solutions in the market?

Jeff Abbott: Were looking to AI, machine learning, and related technologies to create a richer experience for our customers while continually delivering innovative and valuable new capabilities. Were leveraging AI & machine learning bot technology to solve common challenges that our customers are facing. The example I like is discovery. The process of understanding whats on a network. I talk to customers all the time, and one that comes to mind is a superintendent of a school district who said, Every six months we send out teams to go to all the various locations of various schools and see whats on the network physically or we run protocols on site. Now with your bot technology, we can do that on a nightly basis and discover whats there. Thats an example of how our unified platform increases visibility for our customers, while continually staying on top of security standards.

Its fascinating to consider all the opportunities the metadata from UEM, IT service management (ITSM) / IT asset management (ITAM), and cost management systems provide. Having the metadata from all three systems on a single pane of glass becomes very interesting to what we can tell customers about their operations down to the device level. Creating a data lake based on the metadata becomes a powerful tool. Having a broad base of contextual data to analyze with the Ivanti Neurons platform enables us to gain a new understanding of whats happening. Were relying on AI and machine learning in the context of the Ivanti Neurons platform to scale from providing basic information up to contextually intelligent insights our customers can use to grow their businesses.

Nayaki Nayyar: I was in the oil and gas industry for 15 years, working with Shell and Valero Energy for many years. So, Ive lived in the customers shoes and can empathize with three big problems theyre facing today, regardless of the industry they are in

The first is the explosive growth of edge devices, including mobile devices, laptops, desktops, wearables and, to some extent, IoT devices. Thats a big challenge that everyone has to address. Then the second problem is ransomware. Not a single day goes by without a ransomware attack. And the third is how to provide a great customer experience that equals the quality of everyday consumer experiences. Solving how to bring a consumer-grade experience into an enterprise context is an area were prioritizing today.

Our goal is to automate tasks beneath the user experience layer of our applications, so our customers dont have to worry about them; let AI, machine learning, and deep learning capabilities heal endpoints, using intelligent bots for endpoint discovery, self-healing, asset management and more. Our goal is to provide customers with an experience where the routine tasks are managed autonomously, so they dont have to. The Ivanti Neurons platform is designed to take on these challenges and more.

VentureBeat: How are you fine-tuning your algorithms to fight ransomware so that your customers dont have to become data scientists or consider recruiting a data scientist?

Nayaki Nayyar: I will highlight two distinct AI capabilities that we have to address your exact question on preventing ransomware. We have what we call Ivanti Neurons for Edge Intelligence, which provides a 360-degree view of all the devices across a network, and using NLP, weve designed the platform so its flexible enough to respond to questions and queries. An example would be, How many devices on my network are not patched correctly or have not been patched for these specific vulnerabilities? The Ivanti Neurons platform will automatically respond to simple text-based and keyword searches. So, our customers can ask a question using natural language, and the system will respond to it.

Weve also developed deep expertise in text ranking. We mine data from various social channels, including Twitter, Reddit, and publicly available sources. We then do sentiment analysis on various Common Vulnerabilities and Exposures (CVEs) that are trending and sentiment analysis on the patches. Then we provide those insights in Ivanti Neurons for Patch Intelligence. Using NLP, sentiment analysis, and AI, Ivanti Neurons for Patch Intelligence provides our customers administrators with the insights they need to prioritize which CVEs have the highest risks for their organization and then remediate those issues immediately. That doesnt require data scientists to be employed by our customers. All of that is being embedded into our stack, and we make it simple for customers to consume it.

Jeff Abbott: Were also constantly doing research on ransomware and vulnerabilities. In fact, we just released our Ransomware Spotlight Year-End Report. The analysis shows that the bad actors target organizations that are not keeping up with CVEs.

Not keeping up with zero-day vulnerabilities and defining a plan for addressing them can make any organization a gazelle in the middle of the field. So, as Nayaki said, were providing patch intelligence to help our customers prioritize which vulnerabilities are most important to address first. One of the factors that led to us acquiring RiskSense is their extensive data set on detection. Were using the data to provide forward intelligence on the open vulnerabilities and help our customers anticipate and fix them quickly. Were seeing that our mid-tier and SMB accounts need patch intelligence as much as our enterprise customers.

VentureBeat: How does AI deliver measurable value for customers? How do you quantify that and know you are meeting expectations with customers, that youre delivering value?

Nayaki Nayyar: For many years, solving security, IT or asset issues was a reactive process. Every customer called or filed a ticket right after the issue happened, reporting the issue. The ticket was created, then it was routed to the right service desk agent to solve it. But that took too much time, possibly ten days later or even a month later, before the ticket was resolved.

The Ivanti Neurons platform is designed to detect security, IT, asset, endpoint, or discovery issues before the end-user knows that issue will happen. Our bots are also designed to be self-healing and they can detect whether its a configuration drift that has happened on a device, or whether it is a security anomaly or a performance issue. Bots automatically heal those issues, so end users dont even have to create a ticket and route the ticket to get a resolution.

If we can help customers reduce the number of issues by 30% or more before end users even create tickets, then that represents a massive cost saving. Not to mention the speed and accuracy at which those services are provided.

VentureBeat: Which customer needs are the most urgent and best met by expanding the AI capabilities of your Ivanti Neurons platform?

Nayaki Nayyar: Today, discovering unknown assets or endpoints is an urgent, high-priority requirement. The greatest challenge is blind-spot detection within an organization. Weve architected Ivanti Neurons to detect blind spots across enterprise networks. Our customers are using Neurons to identify assets regardless of their locations, whether they are in data centers, cloud assets, endpoints, or IoT assets.

Discovery is most often step one for our customers on the Ivanti Neurons platform because it helps them turn their unknown assets into known assets immediately. They dont need to remediate and self-heal devices right away; that can come later in the asset cycle. Ivanti Neurons for Discovery are a critically important solution that customers get immediate benefit from and then can expand upon.

Most customers have what we call a Frankensteins mess of tools and technologies to manage their devices By combining our Neurons platform with the technologies from our recently acquired companies, were now providing a single pane of glass, so an analyst can log in, see what device types are on the network, and manage any endpoint security or asset management problems right from there.

Jeff Abbott: Patching is overly complex and time-consuming, and thats a huge problem our customers also face. Ivanti Neurons for Patch Management and Patch Intelligence help solve those challenges for our customers. Were focused on improving user experiences to make AI and NLP-based patch management and intelligence less intimidating. Our focus is specifically on helping our customers keep up with the latest zero-day vulnerabilities and CVEs that could impact them. We focus on solving the biggest risk areas first using Ivanti Neurons, alleviating the time-consuming work our customers would otherwise have to go through.

VentureBeat: What are the Ivanti Neurons platforms top three design goals, and how do you benchmark success for those?

Jeff Abbott: Our primary goals are for the Ivanti Neurons platform to discover devices, and then self-heal and self-secure themselves using AI-based workflows and technologies. Our internal research shows that customers using Neurons are experiencing over 50% reductions in support call times. Theyre also eliminating duplicate work between IT operations and security teams and reducing the number of vulnerable devices by 50%. These stats are all from customer surveys and anonymized actual results. Ivanti Neurons is also contributing to reducing unplanned outages by 63%.

Nayaki Nayyar: Adding to what Jeff said, the entire architecture is container-based. We leverage containers that are cloud-agnostic, meaning we can deploy them anywhere. So, one goal is not just to deploy to the cloud, but also to drop these containers on the edge in the future so that we can process those workloads at the edge, closer to where the data is getting generated.

The platform is also all API-based, so the integration we do within the stack is all based on APIs, This means that our customers dont need to have the entire stack. They can start anywhere and evolve at their own pace. They can start in the security space in patch management and move from there. Or they can start in service management or discovery. They can start anywhere and evolve everywhere. And we also recognize that they dont need to have just Ivantis entire stack. They can be using two or three pillars from us and other systems and platforms from other vendors.

VentureBeat: Do you see customers moving to an AI-based platform to scale zero trust initiatives further out?

Nayaki Nayyar: Yes, we have a large manufacturing customer who was evolving from VPN-based access into zero trust. This is a big paradigm shift. With VPN-based access, youre pretty much giving users access to everything, whereas, with a zero-trust approach, youre continuously validating and authenticating every application access. As the customer was switching to zero trust, their employees were running into many access denied issues. The volume of tickets coming into the service deck spiked by 500%.

The manufacturing customer started using Ivanti Neurons with AI and ML-based bots to detect what kind of access issues users were having and self-heal those issues based on the right amount of access. The ticket volume immediately went down. So, it was a great example of customers evolving beyond VPN to zero trust access; our technology can help customers advance zero-trust and solve access challenges.

VentureBeat: What additional verticals are you looking at beyond healthcare? For example, will there be an Ivanti Neurons for Supply Chain Management, given how many constraints they have become in the last year to eighteen months, for example?

Nayaki Nayyar: Im extremely passionate about IoT and whats happening with edge devices today. The transformation that we see at the edge is phenomenal. Were designing support for edge devices into the Ivanti Neurons platform today, giving our customers the flexibility of managing IoT assets.

Healthcare is one of the verticals where we have gone deep into discovering and managing our customers many healthcare devices, especially those you see in a hospital setting like Kaiser.

Manufacturing facilities or shop floor is another area we are exploring. Our customers have different types of ruggedized IoT devices that we can apply the same principles of discovering, managing, and providing security to the IoT assets on the shop floor. In the future, we also plan on extending into the telco space. We have large telcos as customers, and theyve been asking us to go more and more into the telco IoT world.

Our telco customers also tell us they would like to see greater support for ruggedized devices their field technicians use out in the field. Retailers are also expressing an interest in supporting ruggedized devices, which is an area were exploring today.

Jeff Abbott: The public sector comprising federal, state, and local have unique requirements, of which Nayaki and I have had several conversations about. Many capabilities for vertical markets are still very horizontal. Were seeing that as organizations discover the nuances of their use of edge computing and edge technology, more specialized vertical market requirements will become more dominant. I think were covering 90% or more of the security requirements now. Thats especially the case in discovery, patch management, and patch intelligence.

VentureBeat: How do you integrate an AI-based platform into a legacy system tech stack or infrastructure? What are the most valuable technologies for accomplishing that, for example, APIs?

Nayaki Nayyar: We have a pretty strong connector base with existing systems. I wont call them a legacy. We need to coexist with existing systems, as many have been installed for 10 to 15 years at a minimum in many organizations. To accomplish this, we have 300 or more connectors out of the box that can be leveraged by our customers, resellers, and partners. Were committed to continually strengthening our ecosystem of partners to provide customers with the options they need for their unique integration requirements.

VentureBeat: Could you share the top three lessons Ivanti has learned, designing intuitive user experiences to guide users using AI-based applications?

Jeff Abbott: I think the most important lesson learned is to provide every customer, from SMBs to enterprises, data-driven insights that validate AI is performing appropriately. Ensuring that self-healing, self-servicing, and all supporting aspects of Ivanti Neurons protect customers assets while also contributing to more efficient ITSM performances.

When it comes to preventing ransomware attacks, the key is to always provide users with the option of performing an intuitive double-check. One day your organization could be very healthy. But, on the other hand, you may not be paying attention to the intuitive signals from AI, which could lead to the organization falling victim to an attack. Taking an active position on security, which includes knowing your organizations tools and understanding what they can achieve, is important.

Nayaki Nayyar: User experiences require a three-prong approach. Start by concentrating first with humans in the loop, recognizing the unique need for contextual intelligence. Next, add the need for augmented AI, and then the last level of maturity is humans out of the loop.

For customers, this translates into taking the three layers of maturity and identifying how and where user experience designs deliver more contextual intelligence. The goal with Ivanti Neurons is to remove as many extraneous interactions with users as possible, saving their time only for the most unique, complex decision trade-offs that need to be made. Our goal is to streamline routine processes, anticipate potential endpoint security, patch management, and ITSM-related tasks, and handle them before a user sees their impact on productivity and getting work done.

VentureBeat: With machine learning models so dependent on repetitive learning, how did you design the Ivanti Neurons platform and related AI applications to continually learn from data without requiring customers to have data scientists on staff?

Nayaki Nayyar: Were focused on making Ivanti Neurons as accessible as possible to every user. Weve created an Employee Experience Score, a methodology to identify how effective our customers experiences are on our platform to achieve that. Using that data, we can tell which application workflows need the most work to further improve usability and user experiences and which ones are doing so well that we can use them as models for future development.

Were finding this approach to be very effective in quantifying [whether] were meeting expectations or not by individual, employee, division, department, and persona. This approach immediately gets organizations out of using ticket counts as a proxy for user experience. Closing tickets alone is not the SLA that needs to be measured alone. Its more important to quantify the entire experience and seek new ways to improve it.

VentureBeat: How do you evaluate potential acquisitions, given how your product and services strategy moves in an AI-centric direction? What matters most in potential acquisitions?

Jeff Abbott: Were prioritizing smaller acquisitions that deliver high levels of differentiation via their unique technologies first, followed by their potential contributions to our total addressable markets. Were considering potential acquisitions that could strengthen our vertical tech stack in key markets. Were also getting good feedback directly from customers and our partners on where we should look for new acquisitions. But Id like to be clear that its not just acquisitions.

We also have very interesting partnerships forming across industries, focusing on telco carriers globally. Some of the large hardware providers have also proposed interesting joint go-to-market strategies, which we think will be groundbreaking with the platform. Were also looking at partnerships that create network effects across our partnership and customer base. Thats what were after in our partnership strategy, especially regarding the interest were seeing on the part of large telco providers today. So, were going to be selective. We will go after those that put us in a differentiation category. The good news is that many nice innovative companies are getting into that level of maturity.

Where we can partner or acquire them, were focused on not disrupting the trajectory theyre on. It creates a much bigger investment portfolio to continue to advance those solutions.

Nayaki Nayyar: Were very deliberate in what acquisitions we do for two primary reasons. One is to strengthen the markets that we play in. We compete in three markets today, and our recent acquisitions strengthen our position in each. Our goal is to be among the top two or top three in each market were competing in. An integral part of our acquisition strategy is looking at how a potential acquisition can increase our entire addressable market and gain access to adjacent markets that we can start to grow in.

We are in three markets: UEM, security, and service management. As were converging these three pillars into our Ivanti Neurons platform, we are evolving into adjacent markets like DEX (Digital Experience Management) So far, our approach of relying on acquisitions to strengthen our core three markets is working well for us. To Jeffs point, strengthening what we have to further to be a top vendor in these markets is working, delivering strong, differentiated value to our customers.