AIOps: Use Cases, Definition, and What Gartner is Saying

But do you need to care about it?

Jaq Evans

November 30, 2017

What Is AIOps?

AIOps stands for Artificial Intelligence for IT Operations (previously "Algorithmic IT Operations Analytics"). The term refers mainly to IT operations platforms that, well, use artificial intelligence. Many platforms serve up some manner of machine learning these days, so what sets this group apart?

We'll start with Gartner's full AIOps platform definition, as they're the ones popularizing this phrase:

AIOps platforms utilize big data, modern machine learning and other advanced analytics technologies to directly and indirectly enhance IT operations (monitoring, automation and service desk) functions with proactive, personal and dynamic insight. AIOps platforms enable the concurrent use of multiple data sources, data collection methods, analytical (real-time and deep) technologies, and presentation technologies. - from AIOps Platforms, by Andrew Lerner

What's Underneath All Those Buzzwords? A Capable Platform

Like a burger at a gastropub, that definition could use some deconstruction. The first bit is fairly self-explanatory—big data, machine learning, advanced analytics—but the end of that sentence is the part that really caught our eye: "Proactive, personal, and dynamic insight."

AI has gained serious footholds in our personal lives, from Amazon Alexa to Siri. As far as IT operations platforms go, however, machine learning tends to be an icing-on-the-cake style experiment rather than a fully realized wingman for IT teams.

But if big data and advanced analytics are going to be table stakes going forward (which they pretty clearly are), Houston has a problem: there are not enough humans with enough time to parse all that analysis and make decisions. Gartner is putting into words what we all know is true. The only way to keep up is to get help, and not the kind with two hands. Basically, we need Alexa's next upgrade to automatically discover and classify assets, understand the context, and tell us when something needs real-person attention. We also need to trust that it knows when to get proactive with alerts, and that it can prioritize our work for us across a bunch of very different systems and requirements.

In short, a good AIOps platform will:

  1. Give you easy access to all the data from all the sources in all the world. Or at least in your enterprise's world.
  2. Make it simple for you to effectively use that data to drive meaningful action.

Give Me Some Examples?

Sure. If you were to use an AIOps platform in your day-to-day, you'd be able to do things like the following:

  • Automate the boring stuff. Stop spending your own time manually mapping assets and sifting through every little alert when something goes wrong (or, more likely, when nothing happened at all). AIOps should tell you what's in your environment, not the other way around.
  • Collaborate with less friction. Instead of going through the time and politics of correlating data with other teams, let AI do it for you by drawing from all data sources at once. Everyone will see what they need to see, when and how they need to see it.
  • Spot and prioritize serious problems faster. Anomaly detection with AI is a no-brainer, but the real benefit here comes with the ability of good, powerful machine learning technologies to help you prioritize both your assets and any threats or performance issues that arise.

Take security threats, for example. A human team will probably sort alerts by severity of the threat, so known malware in a minor system might take precedence over a weird blip in your main data center (that later turns out to be the latest form of ransomware). AI, on the other hand, can rapidly figure out which issues are putting your most important assets at the most serious risk, which better equips you to remediate severe threats before they hit the business where it hurts.

Will AIOps Stick Around?

Hard to say if the term itself has legs, but we're pretty confident machine learning will continue to gain importance in the enterprise monitoring sphere. As AI grows more sophisticated and more teams—security and DevOps in particular—come to appreciate better automation and anomaly detection, you can expect to see AIOps platforms knock legacy vendors off their pedestals in most areas of IT.

We're certainly seeing that prediction come true here at ExtraHop, both on the IT Ops and Security sides of the table. As any data scientist will tell you, effective machine learning is all about the data, not the math. ExtraHop trains machine learning models on over 4600 wire data metrics, resulting in just about the most focused and accurate AI around.

Check it out for yourself with the live, interactive online demo of either the ExtraHop Platform (for DevOps and other performance folks) or ExtraHop Reveal(x), which boasts an exclusive armada of automated threat detections and SOC-specific workflows. Choose your demo now!
