VIPRE AI Advisor is a computer program designed to simulate human conversation available to Administrators and Analysts within the VIPRE Endpoint Detection & Response (EDR) web consoles. It allows you to take certain actions and ask for clarification on specific topics related to your EDR site. It utilizes artificial intelligence technologies like natural language processing and machine learning to understand and respond to the user and to learn based on interactions during the current session. 

Important: VIPRE AI Advisor does not save a history of interactions from one session to the next for your organization's privacy. 

Enable VIPRE AI Advisor

VIPRE AI Advisor is turned off by default. 

1. Log in to the EDR admin web console
2. Navigate to Setup > System > Settings
3. Scroll down and click the button next to VIPRE AI Advisor
4. Select Update Settings at the top

Once you update the settings, the VIPRE AI chatbot icon will appear on the bottom right portion of the screen.

Legal Disclaimer

The content within VIPRE AI Advisor is generated by an artificial intelligence (AI) system. As with all similar Large Language Model-based AI systems, content within the system is generated by synthesizing vast quantities of information collected from public sources across the internet, most of which we do not control. As a result, while we strive for accuracy and quality it is important to note that the information provided may not be entirely error-free or up-to-date. We recommend independently verifying the content and answers provided by VIPRE AI Advisor, and consulting with professionals for specific advice or information. 

How to use VIPRE AI Advisor

Once enabled, several ways exist to access VIPRE AI within the EDR web console.

VIPRE AI Advisor Chatbot

1. Click the VIPRE icon in the bottom right corner
2. VIPRE AI will present you with some suggestions as well as the option to type your own question or command
   • Default suggestions include:
     • Tell me what you can do - AI Advisor will respond with a list of things it can help you with, including, but not limited to, analyzing links or files, explaining security implications of scripts, explaining certain technical concepts, and more.
     • Analyze this link - AI Advisor will instantly present you with a form where you can type the link to be analyzed. Simply type your desired URL and press Enter to receive a full link analysis.
     • Provide me with a secure link for this site - AI will instantly present you with a form where you can type the link to be opened with Remote Browser Isolation. Simply type your desired URL and press Enter to receive a secure link.

Reports

There are several reports from which you can access VIPRE AI Advisor.

Threat Detection Report   Within the Threat Detection Report, select Source > AMSI from the filters column. When you select any of these threats, you'll see several details regarding this threat, including the option to obtain more details via AI Advisor. Clicking the AI Advisor button will open the VIPRE AI Chatbot.
Threat Summary Report   Within the Threat Summary Report, filter threats by clicking AMSI under Detection Sources to show only AMSI-sourced threats within the table. When you select any of these threats, you'll see several details regarding this threat, including the option to obtain more details via AI Advisor. Clicking the AI Advisor button will open the VIPRE AI Chatbot.
Web Activity Summary Report   Within the Web Activity Summary Report, you can click on any entry in the table and be presented with the VIPRE AI Advisor. Clicking the AI Advisor button will open the VIPRE AI Chatbot with a command to analyze the URL.    Tip: While you're here, having AI Advisor analyze this link, you can take it one step further and ask it to launch a remote browser, using Remote Browser Isolation, by typing “Provide a secure link for me .”

Incidents

1. Filter by *Unhandled and select the desired Incident ID in the table
2. Scroll down to Command Line and click the AI Advisor button

This will automatically ask VIPRE AI Advisor to explain the security implications of the specific Windows command line script.

Use Cases

Scenario 1: The Security Analyst has a link she needs to have analyzed. She opens VIPRE AI Advisor and types, “Analyze www.potentialbadsite.here”. It may take a few seconds to complete the Link Analysis but VIPRE AI Advisor responds with certain details about the website, including a downloadable screenshot. She thinks the site looks safe but isn’t fully convinced yet and wants to view the site in a safe environment first, without risking her computer or network. She follows up with an additional request - “Provide a secure link for this site”. VIPRE AI Advisor responds, utilizing Remote Browser Isolation, and provides User B with a secure link she can use to actually open the website in a sandbox environment and obtain additional details, such as what cookies are being used, any external links on the page, and more.

Scenario 2: The System Administrator is reviewing unhandled Incidents within the EDR web console and needs additional information about the command-line script that was initiated. Within the Incident details, under Command Line, he clicks the AI Advisor button, which automatically sends a command to VIPRE AI Advisor to explain the command line and its security implications.