Picus Introduces Numi AI, Your New Virtual Security Analyst

The Red Report 2024

The Top 10 MITRE ATT&CK Techniques Used by Adversaries


In today's digital world, cyber security teams face a multitude of challenges that can hamper their efforts to maintain a robust security posture. The exponential increase in information, including threat intelligence data, security findings, and an ever-growing list of tasks, often leads to an overwhelming amount of work and fatigue. This challenge of constantly balancing ‘impossible tradeoffs’ has recently been investigated by Picus Labs in their annual Blue Report 2023. The unsatisfying conclusion is that despite all efforts and investment in security technologies and processes, organizations only succeed at preventing 6 out of every 10 attacks.

This fragmented approach, coupled with the burden of numerous manual tasks such as researching threats and identifying viable mitigations, can significantly strain resources. Moreover, generating meaningful reports often requires in-depth technical expertise, further complicating the process. These challenges underscore the pressing need for a solution that can streamline processes by automating tasks, breaking down silos, and ultimately enhancing the efficiency and effectiveness of security operations.

Meet Picus Numi AI, your new virtual security analyst

Today, we are thrilled to introduce Picus Numi AI, our GenAI-powered virtual cyber security analyst empowering security teams to quickly access critical information about their organization’s security posture. Through simple natural language queries, users can instantly review the findings of security validation assessments and get tailored recommendations to prioritize and address exposures.

AI smart assistant

Numi, a shortened version of Numina, is a Latin term for “divine presence”. It was used by ancient Romans to refer to divine powers and spirits, often associated with specific places or things in nature. As such, Numi represents the magical power of a wayfinder, embedded with the spirit of guidance and support, leading you through your daily challenges with divine insight. (see here what else Numi stands for)

Picus Numi AI’s divinity is based on the extensive Picus Exposure Graph which consolidates essential data and findings from the Picus Security Validation Platform. As such, Numi can provide immediate answers to a wide range of questions. For instance:

  • Which threat actors relevant to my industry were the most active in the past month?
  • What are the most popular threats used by threat actor XYZ?
  • How has my security posture evolved over time?
  • What mitigation actions should I take next?

Providing one central place for quick access to critical information is one of the key strengths of Picus Numi AI. Whether it's the latest threat intelligence data, or urgent findings related to security gaps, Numi AI ensures that you have all the crucial information at your fingertips. This enables you and your team to more easily identify and focus on areas that require immediate attention.

Integration of Picus Numi AI into the Picus platform brings a host of benefits:

  • Elevated Productivity

    By automating tedious manual tasks, Picus Numi AI allows you to achieve more with less effort. This increases efficiency and enables your team to focus on strategic tasks.

  • Increased Assurance

    The increased understanding about your hidden risks and most critical gaps provides assurance and peace of mind, allowing you to make decisions more confidently.

  • Improved Outcomes

    Ultimately, tackling the most critical priorities and mitigating the associated security gaps significantly enhances the overall security outcomes effectively reducing cyber risk for the business.

Picus Numi AI is now in beta and will be generally available to customers next month. If you are interested in becoming an early adopter, please contact us here.

The Picus Exposure Graph


The success of modern AI applications is based on the vast amount of data available to train their models and algorithms. This is no different in cyber. Unless you give yourself - or your virtual security analyst - access to all the data that represents your entire security landscape, you won’t be able to get a holistic view. As a result, many security teams operating a large number of siloed technologies struggle to identify their priorities. While each tool may excel in its own domain, there is a lack of integration and interoperability to share, interpret and prioritize findings.

This is why the Picus Security Validation Platform consolidates essential data about your organization's security posture into the Picus Exposure Graph, a purpose-built knowledge graph consisting of over 70 billion entities and relations between each other. 


As depicted in the visual, Picus Numi AI leverages cutting-edge LLM models. In the first step, it sends the questions provided by the user to an LLM which interprets the natural language and translates it to a meaningful query. Numi then executes this query on the Exposure Graph, surfacing the right information and guidance based on the stored entities and their relations. Finally, the query result is again sent to an LLM to craft a human readable answer which is then shared with the user.

Protecting critical customer data has always been our top priority, and this was no different when building Numi. At no point in time is sensitive information being shared with an (external) AI model. All customer data is always kept secure within the Picus platform and only meta data, such as entities and their relationships between each other, are exposed.

Generative AI is Foundational to the Picus Platform

Artificial Intelligence and Machine Learning have long been part of the Picus platform. The main goal of all of these is to reduce the manual burden security leaders and practitioners face while keeping their organizations safe. 

Essentially, the Picus Security Validation Platform employs three different layers of AI applications:

Reporting & Guidance

How can I best report on our cyber risk?

The top layer summarizes the key insights with tailored reports and clear mitigation guidance, allowing security leaders to better communicate with their peers in the business.

Insight Prioritization & Mitigation

What security gaps do I need to focus on?

Simulating the threats that are most critical to your organization will provide validated evidence about your capability in preventing and detecting the related malicious activities. 

Correlating the findings from various assessments using different offensive security techniques (such as Breach and Attack Simulation, Automated Penetration Testing/Red Teaming, Cloud Security Posture Mgmt, etc.) will surface the most critical gaps that you should focus on next.

Threat Intelligence Collection & Enrichment

What threats do I need to focus on?

The bottom layer builds the foundation by collecting, aggregating and curating threat intelligence data. By combining the information on the latest threat actors with organizational context, such as industry or geography, the amount of relevant threats can be reduced dramatically.

In addition to Picus Numi AI, Picus leverages advanced AI for the following:

Picus CTI and AI-driven Threat Profiling

AI-driven threat profiling

The Picus Cyber Threat Intelligence (CTI) module collects, aggregates and curates cyber threat intelligence from hundreds of data sources and combines it with the existing threat library of the Picus platform. This allows users to quickly search for threats based on a variety of parameters such as threat actors, malware names, regions, targeted industries, etc. 

Additionally, the platform curates customer-specific threat profiles, dynamic templates consisting of all threats that are most relevant to the organization at any point in time. To do so, it correlates the information available in the threat library with information about the organization itself, such as industry, geography, company size, etc. Using these dynamic templates as a source for their simulation activities, security specialists can rest assured that they always validate their security posture against the latest set of relevant threats.

AI-based MITRE ATT&CK mapping

AI MITRE Mapping

Strong incident detection and response capabilities are an indispensable part of any mature security program these days. However, despite the immense efforts in building and maintaining a SIEM, SOC teams oftentimes struggle to understand their detection coverage. Frameworks such as MITRE ATT&CK are great tools to help understand what tactics and techniques are used in the field, but understanding how that applies to your own organization is challenging.

Most often, security analysts are left to manually sift through the 100s of ATT&CK techniques and identify which ones may potentially be covered by a specific detection rule active in their SIEM.

This is where the Picus ATT&CK mapping feature comes into play: it uses GenAI to analyze your rule query and directly suggests relevant ATT&CK techniques. This way, you can map your entire detection rule base to ATT&CK within seconds and get a complete picture of your current detection coverage. Combining this with the Picus platform’s validation capabilities for detection controls, you can now easily identify your biggest gaps and mitigate them using the supplied mitigation recommendations.

Leverage the Latest Advancements in GenAI and Reduce your Cyber Risk with Security Validation

The introduction of Picus Numi AI stands to revolutionize your organization's cybersecurity practices. By leveraging AI technology, you can automate manual tasks, enhance productivity, and improve overall security outcomes. This powerful tool, backed by the comprehensive Picus Exposure Graph, provides a holistic view of your unique security landscape. 

With Picus Numi AI, gain the confidence and assurance you need to protect your organization from today's complex cyber threats without guesswork. Take advantage of this cutting-edge solution and transform the way you manage cybersecurity.

Reach out to us for a demo or hear from our experts from Picus Labs at our April 30th webinar to learn more about how these GenAI capabilities help security experts across the globe.

The (Not So Serious) Family Tree of Numi 

In case you wonder where else Numi’s divine powers are used these days, there are a few relatives of Picus Numi AI that all serve the same purpose: help people relax and enjoy peace of mind.

The Numi 2.0 smart toilet combines unmatched design and technology to bring you the finest in personal comfort and cleansing. 

Numi's delicious De-Stress tea blends spearmint, passionflower, lemon verbena, lemon balm, hibiscus, kanna leaf & licorice root for a relaxing stress relief tea.

Akuma Nihmune, known more commonly as Numi, is an independent English Virtual YouTuber who officially debuted on November 19, 2021. Numi is a half-demon, half-human girl that was kicked out of hell for being "too soft."

What CISO wouldn’t want all things NUMI on their side ;)