.png)
At DoControl, innovation doesn’t just happen through sprints and roadmaps - it happens in real time, driven by the curiosity and creativity of our team. This year’s internal hackathon brought together engineers, product thinkers, and security practitioners to push the boundaries of what’s possible in SaaS security.
The foundation of this hackathon was built around the idea of further accelerating our AI efforts - not just in how we run engineering, but in how we embed AI into our product to maximize efficiency, drive usage, and, most importantly, lead the market with the innovation needed to solve the core SaaS security challenges businesses face today.
The introduction of Dot is just the beginning of our AI journey. Below, we share our vision for the areas we’re investing in as we continue to deliver a deep and comprehensive SaaS data security solution.
🚨 Agent-Based AI Alert System
Product Capability: This team built a prototype for a dynamic, agent-powered alerting system using frameworks like AWS Bedrock. Instead of static rules or thresholds, this approach enables real-time, contextual decisions made by autonomous AI agents.
Why It Matters: We pride ourselves on offering contextualized alerts that eliminate false-positives, this takes that philosophy a step further. This lays the groundwork for Alerts 2.0, introducing an enhanced, intelligent foundation that adapts as threats evolve. It’s a leap toward a future where security signals are not just triggered - they're interpreted and automatically adjusted based on the unique behaviors of each business’s users.
🔍 Incidents: Macro-Level Attack Detection
Team: Gilad, Bar, Shon, Ron, Anat
Product Capability: Building on the alerting foundation, the team focused on the next logical step: correlation. They used AI agents to detect macro-level attack patterns across event data - surfacing campaigns and coordinated actions that individual alerts often miss. It’s about identifying continuous behaviors as they occur and linking them together to determine which automated remediation policies to implement.
Why It Matters: As part of Phase 2 of our Alerts 2.0 vision, this new capability takes detection to the next level. It’s no longer just about identifying what happened - it’s about understanding why it’s happening and what broader context it’s part of. That’s real incident awareness.
This evolution marks a shift from singular, scoped anomalies - what we call alerts - to incidents, which represent a broader scope and greater risk. An incident could be a coordinated attack involving multiple actions across systems by a malicious actor over time, or an organization-wide event made up of individual anomalies, like mass failed login attempts across users. By connecting the dots, we’re enabling teams to see the bigger picture faster and act with confidence.
🛠️ AI Workflow Builder
Product Capability: This team explored how LLMs can assist in building automated workflows using natural language prompts. Think: 'Create a policy to revoke access for all external collaborators after 30 days' - and then watch the workflow come to life.
Why It Matters: This expands on our launch of Dot. Even with workflow playbooks, adjustments are often needed. Now, you can take any concept or idea and instantly create a workflow tailored to your environment - contextualized and adjusted to your exact data. It can even run tests on your behalf to ensure everything works as expected. Scalable, automated DLP has never been easier..
🌐 Multi-Purpose Chrome Extension
Team: Yossi, Karadi, Yagel, Shira
Product Capability: This ambitious build explored endpoint visibility and enforcement via a browser extension, introducing three key capabilities:
- Block/Allow Recent Browser Actions Based on Policy
- Discover Installed Browser Extensions (e.g., GenAI tools)
- Inline DLP for GenAI Apps
Why It Matters: These capabilities tap into adjacent spaces like browser security and user behavior control - enabling action on SaaS data taken outside the cloud, and offering a truly comprehensive solution that eliminates the need for an agent. They demonstrate how far our platform can stretch - while reinforcing the importance of staying laser-focused on our core strengths.
Final Thoughts
While other teams focused on backend infrastructure, GTM processes, and broader support, we set out to highlight the efforts driving product expansion.
The common thread across all these projects? Intelligence and innovation at scale. Whether it’s an agent parsing real-time events or AI surfacing meaningful patterns, the future of SaaS security isn’t just about access - it’s about awareness. This hackathon proved we're not just responding to today’s market - we're building for where it's headed.
Stay tuned.
—
DoControl Product Team