Semantic reasoning understands the data and draws logical conclusions the same way a security analyst does. We discuss how this form of AI can revolutionize low-level data analysis, model expert knowledge, and empower critical decision making.
6. PAIN POINTS
• Our current “Security Log Analytics” approach sucks
• Performance and scaling issues
• Overwhelming amount of data to analyze
• Expensive queries
• Dashboards never reveal the complete picture
• Missing context
• Too many false positives. Rules make too many assumptions.
• Algorithms don’t understand the difference between an anomaly and a malicious intent
• Zombie workflows
• Not one person knows everything about the environment
14. • Capture and represent knowledge as a network of facts
• Automatically make conclusions based on these facts
• Fill gaps in information provided by data
• Focus on higher level problems
15. SOME USEFUL CONCEPTS
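1. Inheritance
2. Reverse edges
3. Axioms (reasoning rules)
[Diagram, inheritance: Person (class) with DoB, Gender, DL #; Employee (subclass) with DoB, Gender, DL #, Employee ID]
[Diagram, reverse edges: Domain and Host, linked by the edges "contains" and "belongs to"]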
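The three concepts on this slide compose: the following added example (not code from the presentation) is a minimal forward-chaining reasoner over fact triples. The entity names (alice, ws-042, corp.example) and the loggedInto/activeIn axiom are constructed for illustration.

```python
# Facts are (subject, predicate, object) triples: "a network of facts".
# All entities and the axiom below are constructed sample data.
SUBCLASS, TYPE = "subClassOf", "type"
INVERSE = {"contains": "belongsTo", "belongsTo": "contains"}  # reverse edges

FACTS = {
    ("Employee", SUBCLASS, "Person"),        # inheritance: Employee is a Person
    ("alice", TYPE, "Employee"),
    ("corp.example", TYPE, "Domain"),
    ("ws-042", TYPE, "Host"),
    ("corp.example", "contains", "ws-042"),  # only one direction is asserted
    ("alice", "loggedInto", "ws-042"),       # what a raw log line would give us
}

def infer(facts):
    """Forward-chain to a fixed point; returns asserted plus derived facts."""
    known = set(facts)
    while True:
        new = set()
        for s, p, o in known:
            # Reverse edges: "contains" implies "belongsTo" and vice versa.
            if p in INVERSE:
                new.add((o, INVERSE[p], s))
            # Inheritance: instances and subclasses inherit every superclass.
            if p in (TYPE, SUBCLASS):
                new |= {(s, p, sup) for c, q, sup in known
                        if q == SUBCLASS and c == o}
            # Axiom (constructed): a Person logged into a Host that belongs
            # to a Domain is active in that Domain.
            if p == "loggedInto" and (s, TYPE, "Person") in known:
                new |= {(s, "activeIn", d) for h, q, d in known
                        if h == o and q == "belongsTo"}
        if new <= known:  # nothing new was derived: fixed point reached
            return known
        known |= new

def derived(facts):
    """Only the conclusions the reasoner added, i.e. the gaps it filled."""
    return infer(facts) - set(facts)

if __name__ == "__main__":
    for fact in sorted(derived(FACTS)):
        print(fact)
```

The activeIn conclusion only fires because the other two mechanisms ran first: inheritance makes alice a Person, and the reverse edge supplies the belongsTo fact that the data never stated.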