Security Automation and Machine Learning - PowerPoint PPT Presentation


Transcript and Presenter's Notes


1
Security Automation System
  • Machine Learning Means For Security Operations

2
Introduction
  • Over the past two years machine learning has
    found its place firmly in the cybersecurity
    industry and its benefits are indisputable.
    Through machine learning, we've seen great
    improvements implemented into technology that can
    make tangible improvements to our cybersecurity
    posture.

3
Machine Learning

4
CyberSecurity Machine Learning
  • Cybersecurity marketers have also gotten hold of
    machine learning and it has become the buzzword
    du jour in many respects. When you're able to cut
    through the clutter, you will find that machine
    learning is more than just a buzzword and we
    should work to fully understand its benefits
    without overly relying on it as a silver bullet.

5
What is Machine Learning?
  • Many people reference machine learning and
    artificial intelligence as if they are the same
    thing, when in reality they're slightly
    different. Machine learning is a subset of
    artificial intelligence that focuses on computers
    having the ability to learn and predict outputs
    based on algorithms and statistics without being
    directly programmed to do so. One of the many
    ways this is used in cybersecurity is for the
    security automation of behavior-based anomalies.

6
Machine Learning Types
  • Machine learning comes in two flavors -
    supervised and unsupervised learning. With
    supervised learning, the system is fed data sets
    to learn from so it can make intelligent
    decisions in the future, such as identifying
    malicious activity. With unsupervised learning, a
    system uses configured algorithms to understand
    what's normal and alerts on behavior that changes
    or deviates from the norm.
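
The two flavors side by side, as an added example that is not part of the original presentation: a supervised classifier trained on analyst-labelled login events, and an unsupervised baseline that flags deviation from learned normal traffic. All event fields, volumes and function names are constructed for illustration.

```python
import math
from collections import Counter
from statistics import median

# Constructed sample data, not taken from the presentation.
LABELLED_EVENTS = [  # supervised input: login events labelled by an analyst
    ("failed external night admin", "malicious"),
    ("failed external night root", "malicious"),
    ("success external night admin", "malicious"),
    ("success internal day alice", "benign"),
    ("success internal day bob", "benign"),
    ("failed internal day alice", "benign"),
]
BASELINE_MB = [120, 135, 110, 128, 140, 125, 131]  # unsupervised input: unlabelled daily outbound MB

def train_naive_bayes(events):
    """Supervised: count tokens per label; returns (token counts, label counts, vocabulary)."""
    tokens, labels, vocab = {}, Counter(), set()
    for text, label in events:
        labels[label] += 1
        tokens.setdefault(label, Counter()).update(text.split())
        vocab.update(text.split())
    return tokens, labels, vocab

def classify(model, text):
    """Return the label with the highest log-probability (Laplace smoothing)."""
    tokens, labels, vocab = model
    total = sum(labels.values())
    def score(label):
        n = sum(tokens[label].values())
        s = math.log(labels[label] / total)
        for tok in text.split():
            s += math.log((tokens[label][tok] + 1) / (n + len(vocab)))
        return s
    return max(labels, key=score)

def is_anomalous(history, value, threshold=3.5):
    """Unsupervised: modified z-score against the median/MAD baseline learned from history."""
    med = median(history)
    mad = median(abs(x - med) for x in history) or 1.0  # avoid division by zero on flat history
    return abs(0.6745 * (value - med) / mad) > threshold
```

The classifier can only recognise patterns resembling its labelled examples, while the baseline needs no labels but alerts on any large deviation, malicious or not.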

7
Security Analysts For Machine Learning
  • Security operations teams who will get the most
    out of machine learning are those who take a
    layered approach of good leadership guiding
    trained engineers who are enabled with efficient
    tools and proper governance. Machine learning
    fills a few of these criteria, but by itself it's
    just a tool. What makes all the difference is
    putting these tools in the right hands, so that
    cyber incident response can surface activity that
    would never have been seen without them and
    enable deeper insight and analysis.

8
Threats on Machine Learning

9
Threat Actors Dig Machine Learning Too
  • Over time, we've seen how quickly attackers have
    been able to easily bypass signature-based
    technology with evasive techniques. For a brief
    period, early white hat adopters of machine
    learning helped shift the playing field slightly
    in favor of the good guys. However, this didn't
    last for long and attackers were quick to respond
    to the shift by attacking different vectors or
    implementing machine learning into their own
    techniques.

10
Machine Learning for Prevention and Detection
  • The ability to continually and dynamically learn
    what's normal in behavior, traffic patterns and
    usage across an organization's environment helps
    machine learning-enabled tools to be more
    effective in finding and preventing new attacks.
    For security operations practitioners, this makes
    machine learning an important ally in the
    identification of threats and the proactive
    blocking of known bad activity so more focus can
    be placed on investigation and incident response.

11
Machine Learning for Incident Response
  • With machine learning, millions of variables and
    data points can be analyzed automatically to
    pinpoint anomalies that could be indicators of
    compromise. By ingesting threat intelligence and
    using a combination of both supervised and
    unsupervised learning, security operations teams
    can use machine learning to make meaningful
    improvements to incident response programs.

12
Machine Learning for SOC Management
  • Machine learning can enable your SOC management
    systems to get smarter about who on your team is
    best for handling a particular type of threat and
    automatically assign that analyst when the next
    case arises.

13
Conclusion
  • While you should always be wary of cybersecurity
    buzzwords, machine learning truly does have
    tremendous promise for security operations teams.
    The technology is giving SOC teams a leg up in
    many areas, including predictive and behavioral
    analysis, and it will continually change the ways
    we add visibility into our networks and systems,
    conduct investigations, respond to incidents and
    manage security operations.