N-able Expands AI-Driven SOC Capabilities to Further Business Resilience for Worldwide Customers
New AI-powered detections analyze every PowerShell execution and multi-layer telemetry to uncover stealth attacks that traditional security tools miss
N-able, Inc. (NYSE:NABL), a global cybersecurity company delivering business resilience, today announced new AI‑powered detection capabilities to its Security Operations Center (SOC) delivered through Adlumin Managed Detection and Response (MDR). The enhancements include advanced detections: Anomalous PowerShell, DNS Disruption, and anomalous process execution through the Single-Event Process Execution (SEPE) AI Model, helping organizations identify and stop increasingly stealthy cyberattacks to achieve business resilience.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260325508226/en/
Troels Rasmussen, Vice President, General Manager of Security at N‑able
As attackers increasingly rely on trusted tools such as PowerShell and DNS to evade detection, many traditional security approaches can leave critical blind spots. According to N-able's 2026 State of the SOC Report, nearly half of observed attacks never touched the endpoint at all, instead unfolding across network, perimeter, cloud, or identity layers. These new capabilities expand N‑able's AI‑driven security operations, providing deeper, layered visibility across identity, endpoint, and network behavior to help detect and respond to malicious activity at every layer.
"The fastest‑growing attacks today don't look malicious, they look like business as usual," said Troels Rasmussen, Vice President, General Manager of Security at N‑able. "Threat actors are blending into everyday activity using built‑in tools like PowerShell. Our AI-driven approach correlates PowerShell, DNS Disruption, and process behavior to expose what legacy tools miss, helping teams detect and respond earlier, even when attackers are deliberately trying to disappear."
N‑able has introduced new AI‑powered detections focused on uncovering subtle, high‑risk activity, including:
- Anomalous PowerShell Detection: Provides real-time visibility into malicious commands and addresses the rise of living‑off‑the‑land techniques, where attackers abuse legitimate tools to blend in. Instead, it evaluates every PowerShell execution across monitored environments, applying AI‑driven analysis to detect subtle indicators of misuse that would otherwise appear legitimate.
- DNS Disruption Alert: Introduces machine learning–driven detection of suspicious DNS behavior, including command-and-control (C2) activity, beaconing, and distributed denial-of-service (DDoS) to identify patterns. This capability helps SOC analysts uncover malicious communications that often evade traditional endpoint monitoring.
- SEPE AI Framework: Detecting Anomalous Process Behavior: Detects anomalous Windows process activity and behavior across customer environments. Each event is analyzed across multiple attributes, including process name, path, parent process, and parent process path, providing SOC analysts with a deeper behavioral context.
Strengthening the AI-Driven SOC
These enhancements reinforce N-able's broader strategy to embed practical AI capabilities throughout its business resilience platform, helping organizations identify threats earlier, automate detection workflows, and reduce operational burden on security teams.
The speed and sophistication of modern cyberattacks are exposing the limits of traditional detection, making layered visibility across endpoint, identity, and network activity increasingly critical. By applying AI detections within the SOC, N-able continues to help organizations strengthen security outcomes while maintaining operational efficiency.
For more information, visit the N-able product pages.
N-able will showcase its AI-powered cybersecurity platform at RSA Conference 2026, which will take place March 23-26 at the Moscone Center in San Francisco, California. Attendees can visit N-able at Booth #1449 in the South Hall: https://www.n-able.com/rsa-conference-2026.
Forward-Looking Statements
This content may contain forward-looking statements regarding future product plans, development efforts and investments. N-able considers various features and functionality prior to any final generally available release. Information regarding future features and functionality, or investments, is not and should not be interpreted as a commitment from N-able that it will deliver any specific feature or functionality, or make such investments, in the future or, if it delivers such feature or functionality, or does make such investments, any time frame when that feature or functionality will be delivered or investment will be made. All information is based upon current product interests, and product and business plans and priorities can change at any time. N-able undertakes no obligation to update any forward-looking statements regarding future product plans, development efforts or investments if product plans or priorities change.
About N-able
N‑able protects businesses from evolving cyberthreats. Our AI powered cybersecurity platform delivers business resilience to more than 500,000 organizations worldwide, leveraging advanced end-to-end capabilities, simplified workflows, market leading integrations, and flexible deployment options to improve efficiency and drive critical security outcomes. Our partner first approach pairs our technology with experts, training, and peer-led events that empower customers to be secure, resilient, and successful. n-able.com
© 2026 N-able Solutions ULC and N-able Technologies Ltd. All rights reserved.
The N-able trademarks, service marks, and logos are the exclusive property of N-able Solutions ULC and N-able Technologies Ltd. All other trademarks are the property of their respective owners.
Category: Product
View source version on businesswire.com: https://www.businesswire.com/news/home/20260325508226/en/
Krystal Rennie
[email protected]