Cognitive Security: How Artificial Intelligence is Your New Best Friend
•
2 likes•871 views
For more information, visit http://sparkcognition.com For all that you hear about artificial intelligence and machine learning, how can it help you keep your networks safer and more secure? In this new era of computing, we will explore how artificial intelligence is being used to super charge human intelligence in threat detection, evidence gathering and remediation. In this webinar we will discuss how this new, cutting edge cognitive security is being utilized to: Increase speed, accuracy, and data processing capabilities to unparalleled levels Reduce false alarms Provide sub-second malware detection Retain knowledge in a self-learning environment Provide signature free security and zero-day threat detection
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Cognitive Security: How Artificial Intelligence is Your New Best Friend
Similar to Cognitive Security: How Artificial Intelligence is Your New Best Friend (20)
Recently uploaded
Recently uploaded (20)
Cognitive Security: How Artificial Intelligence is Your New Best Friend
- 1. Cognitive Security: How Artificial Intelligence Is Your New Best Friend
- 2. TM The potential for machine learning in the cyber space KEITH MOORE DIRECTOR OF PRODUCT MANAGEMENT SPARKCOGNITION
- 3. Why Machine Learning Is Needed To Solve These Problems Automates the analyst research process Scales to ingest massive data streams Combats constantly evolving malware variants Defends networks against hard to identify APTs Cross-correlates between data to find threats
- 4. SparkCognition A.I. technology can accelerate Decision Making • Identifies anomalous events • Aggregates multiple data streams • Recognizes known and unknown patterns • Incorporates analyst feedback so that underlying models learn from human response • Presents actionable evidence behind its conclusions A.I software trains on historical events to recognize patterns and provide maximum business awareness Scan for matches Against DB and Suspected Patterns Patterns Stored in Cognitive DB Supervisory Input Confidential
- 5. TM What sort of problems can be solved using machine learning?
- 6. Polymorphic malware is significantly shifting the security landscape 78% of security analysts no longer trust anti-virus tools 99% of malware hashes are seen for only 58 seconds or less 16% of malware samples are “virtual machine aware”
- 7. Machine Learning Anti-Virus combats obfuscation and polymorphism Break down the DNA of every file Analyze all of the components individually Determine likelihood of malicious nature
- 8. • 50% of analysts cite too many false positives as a significant detractor of SIEM use SIEM Big data is leading to a big problem… 10,000 Alerts
- 9. • Analysts can focus on real threats with much of their research completely automated SIEM Machine Learning research and prioritization tools ensure analysts look at relevant threats 10,000 Alerts
- 10. Identifying terms are pulled from potential threat anomalies Multiple search engines are automatically queried (e.g.: “Is Opera/ 12.14 using Port 8888 a threat?” ) Search engine results are filtered for language and relevance Threat Term Filter Threat Confidence & Evidence NLP Model Processing Summary Generation Search engine results are aggregated Proprietary NLP model reads and understands language, assigns confidence score reflecting malicious nature Extraction Search Engine 2 Search Engine 1 Aggregate Results Relevant term text is extracted from web pages Most relevant term text is identified and ranked Evidence is summarized using natural language generation and displayed with confidence score Search Engine 3… Natural Language Processing builds a bridge between anomalous behavior and malicious intent
- 11. SparkSecure is a comprehensive, advanced cyber security platform Agentless EP Protection Bot Detection Find the Snowden Personally Identifiable Info Web Server Protection Research Automation • Traditional AV detects < 5% of new advanced threats • 56% of web traffic is bot generated • 29% of bot traffic is malicious • 11% of employees access unauthorized docs and sell for profit • Companies need to prevent the leakage of PII. Out of compliance can lead to penalties • Web server breaches, on average, cost $3.79M • Analysts are inundated with alerts, most of which are false positives • Forensic costs went up 25% last year • Ingests network traffic logs to monitors network perimeter for anomalies • Deploys Machine Learning AntiVirus to detect 98% of new zero-day attacks early • Proprietary Machine Learning classification algorithm powers bot identification • Develops Bot signatures and rules to block threats • Uses temporal and behavioral analysis to identify deviations and threats with minimal false positives • Automatically examine user agent and payloads for PII • Stop inbound & outbound leakage • Reads email traffic and attachments for unstructured PII • Analyzes incoming traffic for SQL injections, XSS, DDoS etc. • Co-relates to multiple internal & external sources • Automated threat research expedites time to remediation • Rapid custom data querying in HDFS scales to massive data sets • IBM Watson powered automated threat research and advisor ProblemSolution
- 12. TM Thank You