N-able Expands AI-Driven SOC Capabilities to Boost Global Business Resilience
New AI-powered detections analyze every PowerShell execution and multi-layer telemetry to uncover stealth attacks that traditional security tools miss
N-able, Inc. , a global cybersecurity company delivering business resilience, announced new AI‑powered detection capabilities to its Security Operations Center (SOC) delivered through Adlumin Managed Detection and Response (MDR). The enhancements include advanced detections: Anomalous PowerShell, DNS Disruption, and anomalous process execution through the Single-Event Process Execution (SEPE) AI Model, helping organizations identify and stop increasingly stealthy cyberattacks to achieve business resilience.
Catch more IT Insights: Why Secure Remote Access Is the Biggest Risk in Operational Technology Today
As attackers increasingly rely on trusted tools such as PowerShell and DNS to evade detection, many traditional security approaches can leave critical blind spots. According to N-able’s 2026 State of the SOC Report, nearly half of observed attacks never touched the endpoint at all, instead unfolding across network, perimeter, cloud, or identity layers. These new capabilities expand N‑able’s AI‑driven security operations, providing deeper, layered visibility across identity, endpoint, and network behavior to help detect and respond to malicious activity at every layer.
“The fastest‑growing attacks today don’t look malicious, they look like business as usual,” said Troels Rasmussen, Vice President, General Manager of Security at N‑able. “Threat actors are blending into everyday activity using built‑in tools like PowerShell. Our AI-driven approach correlates PowerShell, DNS Disruption, and process behavior to expose what legacy tools miss, helping teams detect and respond earlier, even when attackers are deliberately trying to disappear.”
N‑able has introduced new AI‑powered detections focused on uncovering subtle, high‑risk activity, including:
- Anomalous PowerShell Detection: Provides real-time visibility into malicious commands and addresses the rise of living‑off‑the‑land techniques, where attackers abuse legitimate tools to blend in. Instead, it evaluates every PowerShell execution across monitored environments, applying AI‑driven analysis to detect subtle indicators of misuse that would otherwise appear legitimate.
- DNS Disruption Alert: Introduces machine learning–driven detection of suspicious DNS behavior, including command-and-control (C2) activity, beaconing, and distributed denial-of-service (DDoS) to identify patterns. This capability helps SOC analysts uncover malicious communications that often evade traditional endpoint monitoring.
- SEPE AI Framework: Detecting Anomalous Process Behavior: Detects anomalous Windows process activity and behavior across customer environments. Each event is analyzed across multiple attributes, including process name, path, parent process, and parent process path, providing SOC analysts with a deeper behavioral context.
Read More: Build vs Buy: Should Enterprises Develop or License Domain-Specific Language Models?
Strengthening the AI-Driven SOC
These enhancements reinforce N-able’s broader strategy to embed practical AI capabilities throughout its business resilience platform, helping organizations identify threats earlier, automate detection workflows, and reduce operational burden on security teams.
The speed and sophistication of modern cyberattacks are exposing the limits of traditional detection, making layered visibility across endpoint, identity, and network activity increasingly critical. By applying AI detections within the SOC, N-able continues to help organizations strengthen security outcomes while maintaining operational efficiency.
Write to us [wasim.a@demandmediaagency.com] to learn more about our exclusive editorial packages and programmes.
