Naval Information Warfare Systems Command (NAVWAR) enterprise announced the winner of its third prize challenge in the Artificial Intelligence Applications to Autonomous Cybersecurity Challenge (AI ATAC) series at the U.S. Navy-hosted HACKtheMACHINE Unmanned event on November 18.
The winner of the challenge and the $750,000 prize, was Splunk Inc. (NASDAQ: SPLK), a data platform leader. Their submission, Splunk® SOAR, had the best performance based on the criteria of the challenge, which focused on enhancing the Security Operations Center (SOC) using artificial intelligence (AI) and/or machine learning (ML) tools to automate the detection and prevention of advanced persistent threats and other cybersecurity campaign activity.
Managed by Program Executive Office (PEO) for Command, Control, Communications, Computers and Intelligence (C4I)’s Cybersecurity Program Office (PMW 130), the challenge called for white papers describing the technology, overview and demonstration videos, corresponding technology (virtual machine hardware and/or any included and necessary software) and a setup guide.
“We have found these challenges to be a productive way to bring industry, academia, government and individual thinkers together to partner on collaborative solutions focusing on major Department of Defense priorities, in this case AI and ML,” said John Armantrout, PMW 130 program manager.
Current SOC procedures require a tremendous amount of time and effort to triage alerts, link related logs, perform incident response, and document investigations. Through this AI ATAC Prize Challenge, PMW 130 solicited security orchestration and automated response (SOAR) tools that use AI and/or ML to enhance SOC effectiveness for competitive evaluation. This challenge measured the performance of these tools based on specific SOAR capability criteria to determine how well they would provide improvements to U.S. Navy SOCs across the world.
“SOAR tools provide a tremendous value to SOC analysts and completing this prize challenge brings us one step closer to deploying these capabilities to the fleet,” said Mike Karlbom, PMW 130 technical director of AI/ML. “This evaluation was different from previous AI ATAC Prize Challenges, as we obtained participation from a large number of U.S. Navy SOC analysts around the globe. Obtaining their unique perspectives and inputs on which tool met their needs the most ensures the warfighter receives the tools they need to maintain information superiority in the cyber warfighting domain.”
As with the other challenges in this series, the program office partnered with Oak Ridge National Laboratory, a Department of Energy laboratory in Tennessee, which provided facilities and expertise for evaluating the technical solutions.
Scoring was based on each tool’s ability to rank alerts, ingest data, facilitate playbook creation and execution, automate ticket population and common tasks, and facilitate communication between potentially geographically separated SOCs. The winning submission was the one whose cumulative score across all of these areas was highest.
"It is an immense honor to receive this award from the U.S. Navy on Splunk's SOAR offering," said Teresa Carlson, President and Chief Growth Officer, Splunk. "At Splunk, we are heavily invested in supporting agencies worldwide in leveraging technology to complete their missions. Being chosen by an independent panel for our ability to meet the critical needs of the U.S. Navy further validates Splunk as a strategic partner in helping secure our nation's cybersecurity posture."
This was the third AI ATAC prize challenge conducted by NAVWAR enterprise. The first challenge explored the capability for endpoint security products to incorporate AI and ML models to detect and defeat indicators of compromise, while the second focused on AI and ML technologies that detect adversarial campaigns by monitoring network observable behaviors or by analysis of data collected across an enterprise.
About NAVWAR
NAVWAR identifies, develops, delivers and sustains information warfighting capabilities and services that enable naval, joint, coalition and other national missions operating in warfighting domains from seabed to space and through cyberspace. NAVWAR consists of more than 11,000 civilian, active duty and reserve professionals located around the world.