Almond, along with AMOSSYS, forms an independent French group specializing in cybersecurity. With 450 experts in France and Switzerland, and international service centers to ensure 24/7 operations, Almond anticipates future threats and offers an end-to-end solution to address all of its clients' cyber defense challenges (anticipation, protection, detection, response, restoration, and governance).
Facing growth in alert volumes, increasingly sophisticated automated attacks, and mounting pressure on human analysts to effectively triage and investigate incidents, Almond recognized the need for technological advancement in their security operations.
Julien Steunou, Managing Partner of Security Services at Almond, had a clear mission:
“We needed a system that could autonomously investigate alerts and deliver actionable verdicts. Something we could trust enough to integrate into our workflows and reduce pressure on our analysts while improving response times.”
The initiative extended beyond mere acceleration: it aimed to fundamentally transform their Security Operations Center (SOC) into a more scalable, efficient entity where human expertise could be concentrated on high-value analytical work.
After evaluating multiple solutions that failed to deliver on their promised outcomes, Almond selected Qevlar AI to power the next evolution of their SOC optimization strategy.
Qevlar AI was connected directly to Almond’s orchestration tools. Now, as soon as an alert is triggered, Qevlar autonomously:
“In more than 80% of cases, Qevlar AI handles the entire investigation autonomously,” Julien explains. “We only escalate to human analysts when the confidence score is low, or the case is critical.”
Qevlar's implementation has delivered quantifiable results:
Qevlar AI integrates seamlessly within Almond's broader technology ecosystem (also known as Almond CWATCH SOC), complementing their SOAR, SIEM, ITERA (detection-as-code), and M&NTIS (for adversary simulation) while significantly enhancing their operational efficiency.
Almond identifies Qevlar's principal advantage as enabling scalability during activity surges, maintaining consistent responsiveness even under heavy attacks, and expanding protective coverage across their customers.
Almond's forward-looking strategy emphasizes enhanced contextual adaptation, with Qevlar AI evolving to better accommodate the unique security profiles of individual clients and continuously improving performance based on environment-specific factors.
Additionally, as Qevlar AI assumes greater responsibility for routine investigations, Almond aims to leverage its capabilities toward more proactive threat hunting, transitioning from reactive incident response to predictive security operations that can anticipate potential attack vectors before they materialize into actual threats.
Qevlar AI acts as an invaluable extension of your SOC team to process large and variable security data streams and perform autonomous and detailed alert investigations. Our advanced AI models are trained on proprietary and public data, and are fine-tuned and re-trained for continuous improvement.
The platform, which is trusted by MSSPs and enterprises around the world, seamlessly integrates with existing systems, employs advanced techniques for unparalleled threat qualification, and provides in-depth threat assessments within user-friendly interfaces.