There is a lot of hype, confusion and misinformation regarding the use of machine learning, data sciences and AI for advanced threat detection. While it is true that many security solution vendors across the various disciplines of security have incorporated elements of data sciences for security detection, complete explanation, and adoption from the ground up is not common at all.
Security technologies that have started to leverage machine learning techniques for the development of threat detection models include network traffic analysis, endpoint threat detection, user monitoring, security management and more. However, the vendors promoting these models and the products that employ them are hesitant to deeply describe the architectures and methods.
To tackle this problem, the Securonix Data Sciences team has embarked on a project that will clear some of the confusion that surrounds AI based cybersecurity. In this project, the Securonix team will not only describe the overall need for AI-based security but will also describe the various the various learning methods, behavioral models and the threat libraries that they have built the Securonix security analytics platform on. Most importantly, the Securonix Data Sciences team will add examples of how they actually apply each technique to specific problems, at specific customers, and for specific vertical/functional applications.
We will release this publication over a period of time in the form of in-depth blog posts, or “chapters” starting next week. We are excited about this project and hope to advance your understanding of big data principles as they apply to cybersecurity, as well as give you the ability to separate true machine learning and AI-based threat detection from hype.
Other chapters in this series:
Ch 1 – SIEM 2.0: Why do you need security analytics?
Ch 2 – Data Science: Statistics vs. Machine Learning
Ch 3 – Unsupervised Learning: Combining Security and Data Science
Ch 4 – Supervised Learning: Capturing The Thought Process Of An Analyst