
Blog and Media
Media
The Current AI Revolution Will (Finally) Transform Your SOC
Alex Thaman, our Chief Technology Officer, writes about the effects of AI on the cybersecurity stack. Artificial intelligence (AI) is profoundly transforming cybersecurity, reimagining detection through remediation. While AI’s value across cybersecurity workflows has been inconsistent, recent breakthroughs in machine learning will significantly decrease organizational risk and become necessary in defense operations to keep up with constantly evolving threats. Modern AI technology requires less specialized data to build capabilities, making it accessible for enterprises of every size and creating a more competitive technology ecosystem. We have seen AI technology go through four major transitions over the past few decades, all…
Announcements
Andesite Raises Additional $23 Million and Announces General Availability of the Bionic SOC
MCLEAN, Va., Feb. 11, 2025 (GLOBE NEWSWIRE) — Andesite AI (Andesite) today announced the General Availability of the bionic Security Operations Center (SOC), its human-AI collaboration product empowering cyber defense teams. Additionally, Andesite revealed that it secured an additional $23 million in capital as a second tranche of seed funding from General Catalyst and Red Cell Partners. The investment brings Andesite’s total funding to $38.25 million and is the result of the company’s ahead-of-schedule achievement of technology, customer acquisition, and revenue milestones.
Media
Analyst Burnout Is an Advanced Persistent Threat
On Dark Reading, Andesite’s Chief Product Officer William MacMillan writes about how for too long, cybersecurity analysts have been treated as mere cogs in a machine and it’s time to change that and revolutionize security operations. “In the battle against cyber threats, we’re losing our most vital asset: our people. While the industry fixates on the latest tools and technologies, security analysts are burning out, crushed under the weight of an impossible mission. This isn’t just a talent shortage, but an existential crisis threatening the future of cybersecurity defense. Until we prioritize supporting the humans at the heart of cyber…
Media
A Framework for Human-AI Partnership in the SOC
Andesite’s Chief Product Officer William MacMillan argues on SC Media that so far the attempts to automate the Security Operations Center (SOC) have failed. Almost 20 years since the rise of the SIEM, and 10 years after SOAR platforms first hit the market, SOCs are still struggling. Analysts are drowning in an “everywhere data” environment, struggling to interpret, prioritize, and respond to seemingly never-ending indicators as close as possible to the speed of threat. Many companies run more than 100 different security tools, forcing analysts to bounce between screens and portals, each with its own query language, while trying to…
Media
The Importance of Team Culture in Startups, with Andesite’s CEO and co-founder Brian Carbaugh
In this conversation, Brian Carbaugh, CEO and co-founder of Andesite, shares his unique journey from the CIA (and before that the Marines!) to the world of cybersecurity. He discusses the challenges and rewards of being a founder, the importance of setting a positive tone for the team, and the necessity of resilience in a startup environment. Brian emphasizes the value of building a supportive team culture, the multi-hat lifestyle of a startup CEO, and the critical role of sales and marketing in a competitive cybersecurity landscape. He reflects on why he chose cybersecurity and the excitement of being a founder,…
Media
On CISO Perspectives, Andesite’s CPO William MacMillan discusses the state of security automation
Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, turns over hosting duties of his podcast, CISO Perspectives, to William MacMillan, the Chief Product Officer at Andesite, to discuss the Cybersecurity First Principle of automation: current state and what happens now with AI as it applies to SOC Operations.
Media
The Art of Intelligence
Former CIA Officers Brian Carbaugh (Andesite’s CEO and co-founder), Dawn Meyerriecks, and Michael Morell partner with MasterClass to teach declassified techniques on how to assess risk, strengthen relationships, and get ahead in life and business. Skills so good, they’ve been kept secret, until now. What you’re about to read is not for civilians’ eyes. Until now. MasterClass has attained access to three of the CIA’s top former officers, who have been given authorization to share their real-life experiences and the valuable lessons they learned about leadership, critical thinking, and risk management. There’s a reason the CIA keeps its techniques a…
Media
Microsoft-CrowdStrike’s Outage Heralds ‘Increased Vulnerabilities’ Period
A massive system outage disrupted systems around the world, grounding flights, disrupting health care, transport and logistics, banking services and critical infrastructure. The issue hit computers running Microsoft Windows operating system and CrowdStrike software. “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” the company said in a release. “We’re working around the clock and providing ongoing updates and support. Additionally, CrowdStrike has helped us develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update,” Microsoft said in a blog post authored by David Weston, vice president, Enterprise…
Media
How the CrowdStrike outage carved out new opportunities for hackers
On Nextgov/FCW, former U.S. officials and security practitioners are wondering how a defective CrowdStrike patch for Windows systems fell through the cracks and created more cascading security risks. CrowdStrike will likely survive and move forward, but, reputationally, it can’t afford another incident like this, said William MacMillan, a former CISO at the CIA. “The update was supposed to be seamless to users,” said MacMillan, now chief product officer at cybersecurity firm Andesite. “Endpoint detection and response has been game changing, but because of where [Falcon] is positioned on the endpoints, if a patch does go wrong … that can have…