Truth #2 described how linear classifiers will result in lots of false positives and false negatives. More sophisticated data modeling is needed. And what is necessary for those models to be properly trained is data, lots of data! That is the subject of this post. Recall...
In my first blog post in this series, I described the first truth about using AI for cybersecurity, which is that Anomalies Aren’t (Necessarily) Threats. In that post, I described how unsupervised machine learning, typically used by many Network Threat Analytics (NTA) solutions for anomaly...
Introduction Artificial Intelligence (AI) can be a tremendous asset when it comes to cybersecurity. This is true for several reasons. AI can search a large amount of information to find interesting signals and similarities among the data. It can recognize previously unknown threats and can find hidden...
Based on the results of a recent survey, it’s clear that organizations of all sizes are exposed by gaps in their security coverage. They are understaffed, are distracted by false positives, have unprotected endpoints, and are migrating to the cloud without adequate security systems in...
Encrypted traffic is increasingly used by bad actors to conceal cyber threats. Gartner states that 60% of cyberattacks carried out in 2019 leverage encryption, while by 2020, the figure is set to rise to 70%. Understanding how your security solutions recognize or prevent threats within...
In any given attack campaign, bad actors have a specific goal in mind. This goal could involve accessing a developer’s machine and stealing a project’s source code, sifting through a particular executive’s emails, or exfiltrating customer data from a server that’s responsible for hosting payment...
Most security operation centers face an overwhelming number of security alerts every day. Limited resources make it impossible to investigate them all, and most warnings are inaccurate false positives. Effective security alert triage – the process of quickly and accurately determining the severity of a...
False positives, those alarming notifications that turn out to be nothing at all, might initially seem like minor inconveniences, but they dramatically reduce the accuracy of security tools and create huge impediments for security analysts. Unable to remove the noise generated by numerous false positives,...
With the significant growth of the Android operating system, cybercriminals are increasingly using the platform for malicious purposes, and organizations can no longer ignore these threats. This post describes the most effective techniques for detecting Android-based malware, and thwarting it. In 2017, Android overtook Microsoft Windows...
Browser-based cyberthreats have become one of the biggest concerns facing cybersecurity professionals today. It’s critical for organizations to implement effective protection from these hard-to-detect attacks. Introduction Of all the software in use, browsers are the most exposed. They are constantly connecting to the outside world, and frequently...
This is an necessary category.
This is an non-necessary category.
