This post is also available in:
עברית (Hebrew)
A new artificial intelligence tool is changing how cybersecurity teams understand and respond to threats. U.S.-based startup Tidal Cyber has introduced NARC (Natural Attack Reading and Comprehension) — a system designed to automatically interpret and organize adversary behaviors hidden within large volumes of unstructured cybersecurity information.
NARC processes data from diverse sources, including cyber threat intelligence reports, incident response documentation, and results from red-team simulations. It translates these materials into structured records of attacker procedures, linking them to known tactics and techniques. The result is a dynamic knowledge base that reflects how real-world adversaries operate, rather than simply what they use.
This structured approach enables security teams to move from reactive incident management toward a threat-led defense model. By maintaining continuously updated intelligence, NARC supports a wide range of defensive functions such as detection, threat hunting, and control validation. The tool also identifies relationships between threat actors, software tools, and campaigns, creating a more complete and evolving view of the cyber threat landscape.
According to Military AI, one of the most immediate advantages lies in efficiency. Tasks that once required hours of manual tagging and cross-referencing can now be completed in minutes, allowing analysts to focus on decision-making rather than data wrangling.
Integrated into Tidal Cyber’s existing Threat-Led Defense platform, NARC connects these insights directly to an organization’s security controls. This integration helps teams understand which attacker behaviors are already mitigated, which remain vulnerable, and where detection coverage needs to improve. Instead of simply tracking high-level techniques, the system drills down into specific commands and operational details, offering a clearer picture of how threats unfold in practice.
Drawing from over 1,500 technical threat reports, NARC continuously refines its understanding of attacker operations. It operates as a feedback loop — mapping intelligence to behaviors, identifying defensive gaps, validating what works, and recommending adjustments. The result is a more agile and informed defense posture that evolves in step with the threat environment.
The press release can be found here.
