RedCloud Brain

Overview

RedCloud Brain is the platform’s autonomous learning system. On a schedule, it gathers fresh security intelligence, plans improvements, and turns what it learns into updated detection knowledge — so the platform keeps pace with new threats without manual curation.

Key benefits

Benefit	Capability	Business value
Always current	Scheduled intelligence cycles	Coverage keeps up with new CVEs and threats
Authoritative sources	CVE, KEV, EPSS, advisories, ATT&CK	Intelligence from the sources that matter
Learning	Generates learned rules and indicators	The platform improves over time

How it works

Cycles

The Brain runs on a daily rhythm: a planning phase builds an improvement plan, and a night phase executes it (with per-step error isolation), writing out learned rules and indicators. Intelligence collection and a learning report round out the cycle. These cycles are driven by the scheduler service.

Sources

The Brain ingests from authoritative feeds, including CISA KEV (known exploited vulnerabilities), EPSS (exploit prediction), NVD CVE, GitHub Advisories, MITRE ATT&CK, cloud security bulletins, and curated news. A broader knowledge pipeline also ingests Google Cloud bulletins and product/SCC/SecOps release notes.

What you see

The Brain surfaces its status, daily reports, history, and intelligence in-product, so you can see what it learned and when.

Implementation / workflow

Ensure the scheduler service is running (it drives the Brain cycles).
Review the Brain’s status and daily report to see new intelligence.
Benefit automatically: learned rules and indicators enrich subsequent scans.

Best practices

Keep the scheduler healthy so cycles run on time.
Review the Brain’s reports periodically to stay aware of emerging threats relevant to you.