Cognitive Security:
How Artificial Intelligence Is Your New Best Friend
The potential for machine learning in the cyber space
KEITH MOORE
DIRECTOR OF PRODUCT MANAGEMENT
SPARKCOGNITION

Why Machine Learning Is Needed To Solve These Problems
• Automates the analyst research process
• Scales to ingest massive data streams
• Combats constantly evolving malware variants
• Defends networks against hard to identify APTs
• Cross-correlates between data to find threats

SparkCognition A.I. technology can accelerate Decision Making
• Identifies anomalous events
• Aggregates multiple data streams
• Recognizes known and unknown patterns
• Incorporates analyst feedback so that underlying models learn from human response
• Presents actionable evidence behind its conclusions
A.I. software trains on historical events to recognize patterns and provide maximum business awareness
Diagram labels: Scan for matches against DB and suspected patterns; Patterns stored in Cognitive DB; Supervisory input
What sort of problems can be solved using machine learning?
Polymorphic malware is significantly shifting the security landscape
• 78% of security analysts no longer trust anti-virus tools
• 99% of malware hashes are seen for only 58 seconds or less
• 16% of malware samples are “virtual machine aware”

Machine Learning Anti-Virus combats obfuscation and polymorphism
• Break down the DNA of every file
• Analyze all of the components individually
• Determine likelihood of malicious nature

Big data is leading to a big problem…
• 50% of analysts cite too many false positives as a significant detractor of SIEM use
Diagram labels: SIEM; 10,000 Alerts

Machine Learning research and prioritization tools ensure analysts look at relevant threats
• Analysts can focus on real threats with much of their research completely automated
Diagram labels: SIEM; 10,000 Alerts

Natural Language Processing builds a bridge between anomalous behavior and malicious intent
• Identifying terms are pulled from potential threat anomalies
• Multiple search engines are automatically queried (e.g.: “Is Opera/12.14 using Port 8888 a threat?”)
• Search engine results are filtered for language and relevance
• Search engine results are aggregated
• Proprietary NLP model reads and understands language, assigns confidence score reflecting malicious nature
• Relevant term text is extracted from web pages
• Most relevant term text is identified and ranked
• Evidence is summarized using natural language generation and displayed with confidence score
Diagram labels: Threat Term Filter; Search Engine 1; Search Engine 2; Search Engine 3…; Aggregate Results; Extraction; NLP Model Processing; Summary Generation; Threat Confidence & Evidence

SparkSecure is a comprehensive, advanced cyber security platform
Capabilities: Agentless EP Protection; Bot Detection; Find the Snowden; Personally Identifiable Info; Web Server Protection; Research Automation

Problem
• Traditional AV detects < 5% of new advanced threats
• 56% of web traffic is bot generated
• 29% of bot traffic is malicious
• 11% of employees access unauthorized docs and sell for profit
• Companies need to prevent the leakage of PII. Being out of compliance can lead to penalties
• Web server breaches, on average, cost $3.79M
• Analysts are inundated with alerts, most of which are false positives
• Forensic costs went up 25% last year

Solution
• Ingests network traffic logs to monitor network perimeter for anomalies
• Deploys Machine Learning AntiVirus to detect 98% of new zero-day attacks early
• Proprietary Machine Learning classification algorithm powers bot identification
• Develops Bot signatures and rules to block threats
• Uses temporal and behavioral analysis to identify deviations and threats with minimal false positives
• Automatically examines user agent and payloads for PII
• Stops inbound & outbound leakage
• Reads email traffic and attachments for unstructured PII
• Analyzes incoming traffic for SQL injections, XSS, DDoS etc.
• Correlates to multiple internal & external sources
• Automated threat research expedites time to remediation
• Rapid custom data querying in HDFS scales to massive data sets
• IBM Watson powered automated threat research and advisor

Thank You

IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 

Cognitive Security: How Artificial Intelligence is Your New Best Friend

  • 1. Cognitive Security: How Artificial Intelligence Is Your New Best Friend
  • 2. The potential for machine learning in the cyber space. KEITH MOORE, DIRECTOR OF PRODUCT MANAGEMENT, SPARKCOGNITION
  • 3. Why Machine Learning Is Needed To Solve These Problems: Automates the analyst research process; Scales to ingest massive data streams; Combats constantly evolving malware variants; Defends networks against hard-to-identify APTs; Cross-correlates between data to find threats
  • 4. SparkCognition A.I. technology can accelerate Decision Making: • Identifies anomalous events • Aggregates multiple data streams • Recognizes known and unknown patterns • Incorporates analyst feedback so that underlying models learn from human response • Presents actionable evidence behind its conclusions. A.I. software trains on historical events to recognize patterns and provide maximum business awareness. Diagram labels: Scan for matches Against DB and Suspected Patterns; Patterns Stored in Cognitive DB; Supervisory Input
  • 5. What sort of problems can be solved using machine learning?
  • 6. Polymorphic malware is significantly shifting the security landscape: 78% of security analysts no longer trust anti-virus tools; 99% of malware hashes are seen for only 58 seconds or less; 16% of malware samples are “virtual machine aware”
  • 7. Machine Learning Anti-Virus combats obfuscation and polymorphism: Break down the DNA of every file; Analyze all of the components individually; Determine likelihood of malicious nature
  • 8. Big data is leading to a big problem… 50% of analysts cite too many false positives as a significant detractor of SIEM use. Diagram labels: SIEM; 10,000 Alerts
  • 9. Machine Learning research and prioritization tools ensure analysts look at relevant threats. Analysts can focus on real threats with much of their research completely automated. Diagram labels: SIEM; 10,000 Alerts
  • 10. Identifying terms are pulled from potential threat anomalies. Multiple search engines are automatically queried (e.g.: “Is Opera/ 12.14 using Port 8888 a threat?”). Search engine results are filtered for language and relevance. Search engine results are aggregated. Proprietary NLP model reads and understands language, assigns confidence score reflecting malicious nature. Relevant term text is extracted from web pages. Most relevant term text is identified and ranked. Evidence is summarized using natural language generation and displayed with confidence score. Diagram labels: Threat Term; Filter; Threat Confidence & Evidence; NLP Model Processing; Summary Generation; Extraction; Search Engine 1; Search Engine 2; Search Engine 3…; Aggregate Results. Natural Language Processing builds a bridge between anomalous behavior and malicious intent
  • 11. SparkSecure is a comprehensive, advanced cyber security platform. Columns: Agentless EP Protection; Bot Detection; Find the Snowden; Personally Identifiable Info; Web Server Protection; Research Automation. Problem: • Traditional AV detects < 5% of new advanced threats • 56% of web traffic is bot generated • 29% of bot traffic is malicious • 11% of employees access unauthorized docs and sell for profit • Companies need to prevent the leakage of PII. Out of compliance can lead to penalties • Web server breaches, on average, cost $3.79M • Analysts are inundated with alerts, most of which are false positives • Forensic costs went up 25% last year. Solution: • Ingests network traffic logs to monitor network perimeter for anomalies • Deploys Machine Learning AntiVirus to detect 98% of new zero-day attacks early • Proprietary Machine Learning classification algorithm powers bot identification • Develops Bot signatures and rules to block threats • Uses temporal and behavioral analysis to identify deviations and threats with minimal false positives • Automatically examines user agent and payloads for PII • Stops inbound & outbound leakage • Reads email traffic and attachments for unstructured PII • Analyzes incoming traffic for SQL injections, XSS, DDoS etc. • Correlates to multiple internal & external sources • Automated threat research expedites time to remediation • Rapid custom data querying in HDFS scales to massive data sets • IBM Watson powered automated threat research and advisor