Machine Learning

splunk

Hunting for Detections in Attack Data with Machine Learning

As a (fairly) new member of Splunk’s Threat Research team (STRT), I found a unique opportunity to train machine learning models in a more impactful way. I focus on the application of natural language processing and deep learning to build security analytics. I am surrounded by fellow data scientists, blue teamers, reverse engineers, and former SOC analysts with a shared passion and vision to push the state of the art in cyber defense.

elastic

Detecting unusual network activity with Elastic Security and machine learning

As we’ve shown in a previous blog, search-based detection rules and Elastic’s machine learning-based anomaly detection can be a powerful way to identify rare and unusual activity in cloud API logs. Now, as of Elastic Security 7.13, we’ve introduced a new set of unsupervised machine learning jobs for network data, and accompanying alert rules, several of which look for geographic anomalies.

netacea

What are the top misconceptions about machine learning?

Many businesses are now talking about artificial intelligence (AI), and specifically machine learning, as a way to solve data problems more effectively. In theory, this sounds easy. What could be better than using AI to get a computer to learn how to solve a problem over time, without manual intervention? The reality is very different, however.

elastic

Detecting threats in AWS Cloudtrail logs using machine learning

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

appknox

The Role of AI and ML in Preventing Cybercrime

According to a seminal Clark School study, a hacker attacks a computer with internet access every 39 seconds. What’s more, almost a third of all Americans have been harmed by a hacker at one point or another, and more than two-thirds of companies have been victims of web-based attacks. A 2020 IBM study showed that the total cost of data breaches worldwide amounted to $3.9 million, which just may sound the death knell for many businesses affected by breaches.

splunk

Threat Hunting With ML: Another Reason to SMLE

Security is an essential part of any modern IT foundation, whether in smaller shops or at enterprise-scale. It used to be sufficient to implement rules-based software to defend against malicious actors, but those malicious actors are not standing still. Just as every aspect of IT has become more sophisticated, attackers have continued to innovate as well. Building more and more rules-based software to detect security events means you are always one step behind in an unsustainable fight.

splunk

Creating a Fraud Risk Scoring Model Leveraging Data Pipelines and Machine Learning with Splunk

According to the Association of Certified Fraud Examiners, the money lost by businesses to fraudsters amounts to over $3.5 trillion each year. The ACFE's 2016 Report to the Nations on Occupational Fraud and Abuse states that proactive data monitoring and analysis is among the most effective anti-fraud controls.