DeepTempo, a specialist in deep learning-powered behavioral threat detection, has announced a strategic partnership with Cribl, a provider of data engine solutions for IT and security. The collaboration introduces an integrated solution designed to streamline telemetry collection and leverage deep learning for detecting and stopping polymorphic and agentic AI-driven threats.
Security teams are currently challenged by the rapid growth of telemetry data and the emergence of polymorphic, AI-powered threats that evolve in real time. This partnership aims to provide defenders with centralized control over their data and enhance its security value, moving beyond vendor lock-in or rigid, rule-based detection pipelines.
Central to the offering is DeepTempo’s flagship Tempo platform, which includes its purpose-built LogLM. This foundation model, developed by DeepTempo, is designed to understand the “language of logs” and is integrated with the necessary software and workflows for real-time, behavior-first detection. By combining Tempo’s advanced analytics with Cribl’s data collection and management capabilities, customers can achieve high-fidelity detections, accelerate investigations, and realize cost savings without the complexity of managing multiple collectors or preprocessing pipelines.
Vlad Melnik, VP of Business Development and Global Alliances at Cribl, stated, “Security teams need full visibility and the ability to act fast. With Cribl, organizations can shape and route telemetry to the right tools, like DeepTempo’s purpose-built deep learning engine, for real-time threat detection. It’s a natural fit: we deliver the right data, and Tempo extracts maximum security value.”
The integrated solution offers several key benefits for security teams. Cribl Stream, Lake, and Search unify the telemetry lifecycle, managing collection, routing, tiering, and instant search of logs, metrics, and events from diverse sources and formats. This suite enables centralized control, flexible access, and reduced costs through seamless object store integration and federated search. Furthermore, Cribl’s Copilot Editor automatically maps raw telemetry to industry schemas such as OCSF, ECS, UDM, and ASIM, with Tempo layering in behavioral enrichment to improve time-to-insight. Tempo’s LogLM identifies subtle deviations from normal activity, from reconnaissance to lateral movement, with reported false positives under 1% after domain adaptation. The platform operates agent-free and is optimized for modern data lake and cloud-native environments, utilizing NVIDIA GPU acceleration and RAPIDS integration for high-throughput, real-time analysis of large data volumes.
Tempo also speeds up Security Operations Center (SOC) workflows: it automatically tags sequences with MITRE ATT&CK techniques, constructs forensic timelines, and uses vector-based correlation for rapid triage and root-cause analysis. Replay capabilities allow data retrieval from low-cost storage for investigation and model fine-tuning. Additionally, intelligent data routing and reduced false positives can lower SIEM licensing costs by up to 45%.
Evan Powell, CEO of DeepTempo, commented, “With Cribl’s data management and Copilot capabilities, pairing our Tempo platform at the network layer gives defenders both coverage and governance at scale. Tempo’s LogLM turns raw telemetry into high-signal context, the insight security teams need to outpace agentic AI threats, zero-click exploits, and other attacks that slip past traditional defenses.”
The integrated solution is currently available for deployment across cloud, hybrid, and on-premises environments. DeepTempo also provides deep learning-based cybersecurity solutions via the Snowflake Native App Marketplace, leveraging its LogLMs to optimize security spending and enhance operational efficiency.