LogicHub Inc. is emerging from stealth to join the crowded cybersecurity market today with $8.4 million in fresh funding and a novel approach to machine-aided security that puts humans first.

The company, which was founded by two former Arcsight Inc. executives, says that the current trend toward applying artificial intelligence and machine learning to the process of sniffing out and containing security threats is less effective than augmenting the knowledge of human experts.

It proposes instead to learn from what skilled security professionals already do and use computers to apply that knowledge to the same tasks at great speed and higher capacity. LogicHub claims its approach can reduce the risk of overlooked breaches by a factor of 10, while enabling the security industry to put a dent in a skills shortfall that is expected to total more than 1.5 million people by 2020.

The problem with machine learning, Chief Executive Kumar Saurabh said in an interview, is that it takes too long with the current technology to teach machines everything they need to know. “Over the last 15 years we’ve built a lot of analytics systems that give you the answer if you formulate the question the right way,” he said, “but analysts need to ask 10, 20 or 30 questions that are all linked to each other because they don’t know what the attack is.” Saurabh cited informal research that found that chief information security officers have little faith in their automated security information and event management platforms, but a high level of confidence in their human analysts.

There just aren’t enough human analysts. “It takes two hours for an analyst to detect a problem in just a few seconds’ worth of data,” Saurabh said. “How many analysts are you going to need?”

The complexity and drudgery of training artificial intelligence systems what to look for is the reason few enterprises use them, he said. “I can’t think of one company that’s deployed Watson [for cybersecurity] fully,” Saurabh said of IBM’s offering.

LogicHub’s technology turns the tables by sitting on top of logging systems like Splunk Inc.’s Splunk and IBM’s QRadar and observing experts from the background as they draw data from multiple sources and go through the steps of capturing flow, events and processes. The company says its goal is to make any new employee or junior-level analyst as capable as the most advanced members of the organization. “We’re automating the process that the analyst uses,” Saurabh said.  “It’s intelligence automation, not artificial intelligence.”

Saurabh and co-founder and Chief Product Officer Monica Jain have the right credentials for the job. He was previously director of engineering at ArcSight, where he worked on pattern and correlation technology for threat discovery and prioritization, while she managed the ArcSight flagship Enterprise Security Manager.

Funding was led by Storm Ventures LLC and Nexus Venture Partners. The company is in testing with a half-dozen customers and expects to have a commercial product within nine months, Saurabh said.

Image by François Philipp via Flickr CC