Machine Learning for Security Operations - PowerPoint PPT Presentation

Title:

Machine Learning for Security Operations

Description:

The technology is giving SOC teams a leg up in many areas, including predictive and behavioral analysis, and it will continually change the ways we add visibility into our networks and systems, conduct investigations, incident response and manage security operations.

Transcript and Presenter's Notes

Title: Machine Learning for Security Operations


1
Machine Learning for Security Operations
2
Introduction
  • Over the past two years machine learning has
    found its place firmly in the cybersecurity
    industry and its benefits are indisputable.
    Through machine learning, we've seen great
    improvements implemented into technology that can
    make tangible improvements to our cybersecurity
    posture.

3
Steps In Machine Learning
4
Benefits of Machine Learning
  • Cybersecurity marketers have also gotten hold of
    machine learning and it has become the buzzword
    du jour in many respects. When you're able to cut
    through the clutter, you will find that machine
    learning is more than just a buzzword and we
    should work to fully understand its benefits
    without overly relying on it as a silver bullet.

5
What is Machine Learning?
  • Many people reference machine learning and
    artificial intelligence as if they are the same
    thing, when in reality they're slightly
    different. Machine learning is a subset of
    artificial intelligence that focuses on computers
    having the ability to learn and predict outputs
    based on algorithms and statistics without being
    directly programmed to do so. One of the many
    ways this is used in cybersecurity is for the
    automatic identification of behavior-based
    anomalies.

6
Types of Machine Learning
  • Machine learning comes in two flavors -
    supervised and unsupervised learning. With
    supervised learning, the system is fed data sets
    to learn from so it can make intelligent
    decisions in the future, such as identifying
    malicious activity. With unsupervised learning, a
    system uses configured algorithms to understand
    what's normal and alerts on behavior that changes
    or deviates from the norm.
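
The unsupervised approach on this slide, as an added example that is not part of the original presentation: a per-host baseline is learned from unlabeled counts, and new values are scored with a modified z-score (median and MAD). The host names, counts and the 3.5 threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample: daily outbound-connection counts per host (baseline window).
BASELINE = {
    "ws-014": [42, 39, 45, 41, 44, 40, 43],
    "db-002": [5, 5, 5, 5, 5, 5, 5],  # perfectly flat baseline (MAD = 0)
}
# Constructed new observations to score against the learned baseline.
TODAY = {"ws-014": 160, "db-002": 9, "ws-099": 12}

THRESHOLD = 3.5  # assumed cut-off for the modified z-score; tune per environment


def learn(baseline):
    """Learn 'normal' per host as (median, MAD) from unlabeled data."""
    model = {}
    for host, values in baseline.items():
        med = median(values)
        mad = median(abs(v - med) for v in values)
        model[host] = (med, mad)
    return model


def score(model, host, value):
    """Return the modified z-score, or None if the host has no baseline."""
    if host not in model:
        return None
    med, mad = model[host]
    if mad == 0:
        # Flat baseline: dividing by MAD would fail, so treat any change as
        # an unbounded deviation and no change as normal.
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def detect(model, observations, threshold=THRESHOLD):
    """Return (host, value, reason) for every observation worth an analyst's look."""
    alerts = []
    for host, value in sorted(observations.items()):
        s = score(model, host, value)
        if s is None:
            alerts.append((host, value, "no-baseline"))  # never seen before
        elif abs(s) > threshold:
            alerts.append((host, value, "deviation"))
    return alerts


if __name__ == "__main__":
    for alert in detect(learn(BASELINE), TODAY):
        print(alert)
```

Median and MAD are used instead of mean and standard deviation so that a single noisy day in the baseline window does not widen what counts as normal.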

7
Security Analysts For Machine Learning
  • Machine learning is not meant to replace
    analysts, but to supplement them and help equip
    them to make quicker and better decisions.
    Security automation teams who will get the most
    out of machine learning are those who take a
    layered approach of good leadership guiding
    trained engineers who are enabled with efficient
    tools and proper governance. Machine learning
    fills a few of these criteria, but by itself it's
    just a tool.

8
Machine learning holds great promise for security
operations
9
Threat Actors Dig Machine Learning
  • As with anything that works, we've seen threat
    actors take advantage of machine learning's
    sophistication by implementing aspects of it into
    their tools. This is shifting the way the bad
    guys implement attacks. For a brief period,
    early white hat adopters of machine learning
    helped shift the playing field slightly in favor
    of the good guys. However, this didn't last for
    long and attackers were quick to respond to the
    shift by attacking different vectors or
    implementing machine learning into their own
    techniques.

10
Security Operations Teams Can Leverage Machine
Learning
  • The biggest proposition vendors with machine
    learning features make is that it can help
    security teams and their technologies adapt to
    the arms race that is happening in cyber security
    automation.

11
Conclusion
  • The technology is giving SOC teams a leg up in
    many areas, including predictive and behavioral
    analysis, and it will continually change the ways
    we add visibility into our networks and systems,
    conduct investigations, incident response and
    manage security operations.