April 2025
Automated Advice for NBSIEM+ Incident Tickets:
Bringing Generative AI to Cyber Defense
Artificial Intelligence has been making headlines for months, especially since the release of ChatGPT brought Generative AI into the public spotlight. What many people do not realize is that Network Box has been using AI for more than twenty years.
Our technologies have long included statistical models, Bayesian learning, heuristic systems, and neural networks. These methods power many of our detection and analysis engines: from malware and spam filtering to intrusion prevention, URL categorization, and backend malware analysis.
For more than a decade, we have known that signature-based detection alone cannot keep pace with the rapidly evolving world of cyber threats. The only way to stay ahead of attackers is to embrace intelligent, adaptive systems that learn and respond dynamically.
The Promise and the Pitfalls of AI
AI has enormous potential, but it also comes with serious limitations. Generative AI, in particular, can produce results that are astonishing one moment and deeply flawed the next.
As the saying goes, “To err is human, but to mess up takes a computer.” A fair update for the modern era might be: “To truly crash and burn requires AI.”
At this stage, AI should not be trusted to make independent decisions about critical systems. We would not let it fully control a car, operate a robot unsupervised, or decide which network traffic to block or allow. Ninety-nine percent accuracy sounds impressive until that remaining one percent leads to a costly, avoidable mistake. Human oversight remains essential.
Introducing Automated Advice for NBSIEM+ Incident Tickets
With those realities in mind, we are proud to announce a carefully designed, human-supervised implementation of Generative AI: Automated Advice for NBSIEM+ Incident Tickets.
Until now, when NBSIEM+ detected and escalated an event to create an incident ticket, it used a simple template to describe the issue. Starting today, our new Generative AI model will automatically generate advice and context within the incident ticket itself.
Using both the original event data and the raised ticket text as input, the system composes a summary that includes background information, an explanation of the issue, and actionable recommendations for how to address it.
This feature does not replace human expertise; it enhances it. Every automated note is clearly labeled as Automated Analysis, and customers can continue the discussion directly on the ticket with a real Security Operations Center (SOC) engineer at any time.
How It Helps
The AI-generated advice is not meant to be perfect. It will never replace the insight of an experienced analyst. However, it can occasionally surface useful details that might otherwise be missed, or provide a helpful starting point for decision-making.
You may have already noticed these automated summaries appearing in NBSIEM+ incident tickets since March 25, 2025. Beginning today, we are officially rolling out this feature globally to all users.
There is no additional charge for this service.
What’s Next: AI-Powered Event Analysis
This is only the beginning. In our upcoming major NBSIEM+ upgrade, scheduled for release in Q2 2025, we will launch a second Generative AI feature: Automated Advice for Events.
Users will be able to click on any event to instantly receive a short summary, analysis, and recommended actions. The analysis will typically be completed within ten to fifteen seconds, providing fast, relevant guidance while you work.
Just like the current feature, this will also be included at no additional cost.
The Future of AI at Network Box
At Network Box USA, we are committed to using AI responsibly. We design these systems to assist, not replace, human judgment. The goal is to make cybersecurity management faster, clearer, and more accessible without sacrificing reliability or control.
As AI continues to evolve, we will keep refining how it supports our users—always with transparency and oversight at the core.
Generative AI is opening a new chapter in cybersecurity. With careful implementation, it can help our clients better understand threats and manage incidents more effectively than ever before.
As an example, here is the automated analysis of a recent NBSIEM+ incident ticket:
