Crogl: Delivering Secure AI Solutions for the SOC with Spectra Assure

Crogl delivers a fully autonomous AI solution for security operations centers (SOC). The goal is to revolutionize how security teams investigate threats, solve problems with multiple data sources, and triage alerts without the constraints of pre-defined playbooks. With customers ranging from Fortune 500 companies and government agencies to technology start-ups, the need for solution privacy and security is paramount. To maintain privacy, Crogl’s solution operates in customers’ on-premise and private cloud environments, which also creates a varied set of software security and safety requirements.

Crogl is a compound AI system that leverages multiple AI models, tools, and custom components to enhance versatility and re-usability, compared with using a single model.

Spectra Assure™ delivers the visibility Crogl requires. “We want to build a product that customers can have confidence in, and they know when they deploy it, that it's safe and it's secure,” said Merza. “We looked around at other products, but we really needed something that can cut across the gamut of requirements that we have. We use Spectra Assure so we can get that full picture.”

Manage Risk Across Large Releases

One challenge Crogl faced was assessing the risks associated with different components in a complex software package. “For us, security is not an afterthought. It is part of how we develop, how we code on a minute-to-minute, hour-to-hour basis, and also how we do product release,” said Monzy Merza, co-founder and CEO of Crogl.

Crogl uses Spectra Assure to detect risks invisible to traditional security tools, including malware, tampering, exposed secrets, and suspicious behaviors. Spectra Assure quickly deconstructs software to deliver a comprehensive software bill of materials (SBOM), including proprietary, third-party and open-source libraries, and artifacts added during compilation. “We believe that technology that is used by the security teams should be better, it should be robust, it should be safe, it should be secure,” said Merza. “The reason why we use Spectra Assure — it's in the name. We want to be sure that what we're releasing to our customers is safe.” By mapping specific components and artifacts to detect threats and risks, Spectra Assure simplifies prioritization and provides details to enable remediation. It also detects unsafe functions, suspicious files, and malicious behaviors in AI/ML models and scripts.