A summary of Discern Security
Wouldn’t you prefer to have your security team focus on figuring out your cyber security strategy and on countering threats vs continuously firefighting and battling Security Debt? Security Debt occurs when customers fall behind on their day-to-day cyber security related activities. For example, every customer we work with faces security debt as they fall behind on time-consuming tasks like identifying coverage gaps, uncovering unprotected assets, turning on controls and fine tuning them in multiple security products, keeping track of and prioritizing vulnerabilities or building a cyber culture and a security awareness program and tracking down untrained users. Discern Security’s Darcy AI platform can solve all the different types of Security Debt and is a single stop to help customers stay current with their security posture.
How does Discern work?
So how does Discern work? We are firstly a cybersecurity crystal ball, giving real-time, up-to-date cyber security insights. We help you with insights about your assets and coverage gaps, open vulnerabilities and which ones are high priority, human risk scores and what to do with risky users and specific targeted controls that need to be turned on immediately—all in one place. Our platform delivers the insights you need in minutes. Need to know, ‘Are we protected against specific CVEs, and how?’ Discern provides immediate, actionable answers. Whether it’s identifying gaps in vendor security controls, uncovering unprotected assets, or mitigating emerging vulnerabilities, we keep your team one step ahead of threats. Further, our AI actions platform can help your team actually carry out actions to resolve your security debt.
Our Architecture
What are the root causes of Security Debt and how can Darcy AI help solve these problems?
Problem 1: A shortage of talent!
There is a global shortfall of 2.8M3 Cybersecurity professionals with 28% of all cyber security jobs going unfilled. The biggest reason for this shortfall is the lack of qualified candidates as per a BCG study in 2024. In turn, this cybersecurity talent shortage contributes significantly to security debt as 69% of CISOs say that their talent shortage is a top barrier for achieving their security posture4.
Source of image: ISACA study 2019, https://skillstx.com/cybersecurity-skills-shortage/
How Darcy AI can mitigate the shortage of security talent and expertise
With Darcy AI, Discern security deployments show that an individual who could write controls for 1 security product can now manage controls for >10 Security products by automating assessments and deep guidance for writing controls.
Problem 2: Too many Security products
An average enterprise has >50 Security tools5. Even worse, a majority of CISOs admit that their security tools are under-utilized6. Discern’s internal research shows that average utilization of Security controls by enterprise customer is ~20%. An example of Customer utilization of their security controls is below.
% Utilization by Security Product
How Darcy AI can help with tools optimization, overlap analysis and rationalization
We can now leverage Darcy AI to identify overlap across security products, drive consolidation and drive higher utilization of these products. LLMs can be purpose built to identify utilization rate of each cyber product. Another set of LLMs can map the capabilities of each security product and show overlap across these products. Overall we can use AI to drive up utilization of Security products over a few months and also eliminate redundant products. An example of the former is shown.
Problem 3: Incomplete security coverage and deployments
Very few Security products are deployed fully. Discern’s research shows that an average customer has a coverage gap of at least 5% across all their assets. Even worse, most customers have a few security tools where the coverage gap is even more significant. A sample graph is shown below.
How Darcy AI can optimize coverage and asset management
Darcy AI can be leveraged to identify coverage gaps and bottom up identify assets that are missing security controls. An example is below.
Problem 4: An incomplete posture with parts of the security program unmanaged!
Most organizations have at least parts of their footprint unmanaged from a cyber standpoint. A sample chart is show below that shows how many MITRE attack types are left uncovered by customers.
How Darcy AI can solve help security teams gain control
Darcy AI can map an organizations’ controls holistically to a security framework like MITRE and show the risks that an organization has chosen to ignore or show the defenses that the organization has chosen not to embrace. While 100% coverage is not achievable, AI can help organizations make measured decisions about risk.
Problem 5: Too many threats and vulnerabilities- no prioritization
As external threats and types of threats accumulate esp. in this age of AI, customers struggle to keep up leading to an organization becoming vulnerable to specific threats
How Darcy AI can solve prioritize threats and vulnerabilities and identify compensating controls
How Darcy AI can AI can continuously map threats and also automatically help customers identify defenses against these threats. An example is shown below.
Problem 6: Falling behind in building a secure culture!
Organizations neglect their security culture- security is a team effort and failure to build a security culture is a type of security debt. A sample chart below shows culture and risks by department.
How Darcy AI can help build a secure culture
Many attacks begin with vulnerable humans. We can use AI to identify risk humans and to fortify risky humans. An example is shown below.
Conclusion
In conclusion, Discern’s Darcy AI is the first holistic platform dedicated to solving Security Debt. We leverage our AI agents to solve multiple sub problems that lead to security debt.
