<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Security Analytics Archives - Artificial Intelligence</title>
	<atom:link href="https://www.aiuniverse.xyz/tag/security-analytics/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.aiuniverse.xyz/tag/security-analytics/</link>
	<description>Exploring the universe of Intelligence</description>
	<lastBuildDate>Thu, 17 May 2018 05:52:51 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>How To Approach AI-Enhanced Cybersecurity</title>
		<link>https://www.aiuniverse.xyz/how-to-approach-ai-enhanced-cybersecurity/</link>
					<comments>https://www.aiuniverse.xyz/how-to-approach-ai-enhanced-cybersecurity/#comments</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Thu, 17 May 2018 05:52:51 +0000</pubDate>
				<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[Machine Learning]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[IT security]]></category>
		<category><![CDATA[Machine learning]]></category>
		<category><![CDATA[Security Analytics]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=2392</guid>

					<description><![CDATA[<p>Source &#8211; scmagazine.com The continual increase in security threats combined with an overwhelming amount of data and false positives is creating major headaches for IT security teams. Additionally, <a class="read-more-link" href="https://www.aiuniverse.xyz/how-to-approach-ai-enhanced-cybersecurity/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/how-to-approach-ai-enhanced-cybersecurity/">How To Approach AI-Enhanced Cybersecurity</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Source &#8211; scmagazine.com</p>
<p>The continual increase in security threats combined with an overwhelming amount of data and false positives is creating major headaches for IT security teams. Additionally, the cybersecurity industry faces a colossal shortage of talent, making it nearly impossible to stay on top of the latest threats.</p>
<p>Enter artificial intelligence (AI).</p>
<p>According to data from ESG research, 12 percent of enterprise organizations have already deployed AI-based security analytics extensively, while another 27 percent have deployed AI-based security analytics on a more limited basis.</p>
<p>The relationship between AI and Machine Learning (ML) is often poorly articulated. Artificial Intelligence is simply concerned with causing machines to perform tasks characteristic of human intelligence. And ML is simply a way in which that AI can be achieved. Because ML provides a mechanism of learning where systems do not need to be explicitly programmed, we now have a chance to achieve AI with the enormously wide and high-fidelity data sets on which modern security systems must function if they wish to be effective.</p>
<p>In this sense, AI can simplify the work of the security operations center (SOC) by aiding with the coordination of many different forms of analysis. It can clarify the intelligence landscape and help weed out noise and false positives. It also holds promise to alleviate cybersecurity staffing woes by potentially automating everything. But there&#8217;s much to consider before AI can become the cornerstone of your IT security framework.</p>
<p><b>The Challenges of AI</b></p>
<p>At present, the state of the art in AI is all about performing very narrow and specific tasks. However, sophisticated and advanced attacks cross many different surfaces and knowledge areas, some of which are technological and many of which are simply organizational. These require a highly generalized intelligence, which is a widely unrealized goal in AI.</p>
<p>For example, one of the most misleading claims in the market is all the hype around AI transforming the way threat actors work. Realistically, AI is not being used much on the offense side for very simple reasons: the most sophisticated attacks are deeply human, working with strong organizational knowledge gained through existing employees, social engineering, rogue actors, etc. When coupled with knowledge of the most effective communication patterns, these human-led attacks are more likely to succeed. And although AI may play a role in automating attacks as well as defense in the future, most major risks will come from a non-AI approach. AI is simply not yet advanced enough, nor does it have easy access to all the required data, to outperform humans on this front.</p>
<p>On the defensive side, AI has become a marketing buzzword—often used interchangeably with ML—causing considerable confusion, especially in early adoption.</p>
<p><a name="_gjdgxs"></a><b>How AI Helps IT Security and Thwarts Attacks</b></p>
<p>Although we&#8217;re nowhere close to the point where AI solutions have total autonomy and can replace highly skilled security staff, there are aspects of AI and ML that can be used to help enhance the humans who use this technology. For example, the same ESG study notes that 29 percent of respondents indicated that they were interested in using AI-based cybersecurity to accelerate detection—curating, correlating and enriching security alerts, to create a more complete detection story across various expert systems. Additionally, 27 percent see value in using AI-based cybersecurity technology to improve and speed up incident response—prioritizing serious incidents and even automating remediation tasks.</p>
<p>Another significant role for AI in security is to advance threat research. Intelligence is still largely a human research effort. It combines knowledge of current threat actors, tactics, techniques and procedures. It is coupled with a sense for how attacks can leverage vulnerabilities and work across numerous surfaces and is ideally augmented with information sharing within working groups. AI can play a very serious role in accelerating research, automatically generating new indicators of compromise, and identifying future research opportunities. But only if it has the data.</p>
<p>So at the end of the day, AI really is not about replacing humans. It&#8217;s about serving them better and helping them focus on the things at which they are best: being creative, executing on high-level reasoning, managing for context, adapting quickly, and sorting through what does and does not matter. Machines are great at speed, repetition, automation and scale: things for which humans would be really inefficient.</p>
<p>Therefore, when it comes to AI, truly successful solutions will be human focused and will blend AI and ML techniques with the skills of expert analysts. Taking this approach, security teams can create “machine-accelerated” humans—cybersecurity professionals who work in conjunction with AI and ML to proactively identify and mitigate threats faster and more reliably, primarily through freeing up humans to focus on strategic initiatives.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/how-to-approach-ai-enhanced-cybersecurity/feed/</wfw:commentRss>
			<slash:comments>5</slash:comments>
		
		
			</item>
		<item>
		<title>Big Data Provider Cloudwick Launches Security Analytics Platform</title>
		<link>https://www.aiuniverse.xyz/big-data-provider-cloudwick-launches-security-analytics-platform/</link>
					<comments>https://www.aiuniverse.xyz/big-data-provider-cloudwick-launches-security-analytics-platform/#comments</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Wed, 26 Jul 2017 07:39:05 +0000</pubDate>
				<category><![CDATA[Big Data]]></category>
		<category><![CDATA[Amazon Web Services]]></category>
		<category><![CDATA[Big data]]></category>
		<category><![CDATA[cloud]]></category>
		<category><![CDATA[Cloudwick Launches]]></category>
		<category><![CDATA[Security Analytics]]></category>
		<category><![CDATA[Security Analytics Platform]]></category>
		<category><![CDATA[telemetry data]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=302</guid>

					<description><![CDATA[<p>Source &#8211; sdxcentral.com Big data service provider Cloudwick today launched a security analytics product at Black Hat USA that the company claims can ingest more than 100 million events per second of <a class="read-more-link" href="https://www.aiuniverse.xyz/big-data-provider-cloudwick-launches-security-analytics-platform/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/big-data-provider-cloudwick-launches-security-analytics-platform/">Big Data Provider Cloudwick Launches Security Analytics Platform</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Source &#8211; <strong>sdxcentral.com</strong></p>
<p>Big data service provider Cloudwick today launched a security analytics product at Black Hat USA that the company claims can ingest more than 100 million events per second of telemetry data. This includes network packets, netflow, logs, and alerts.</p>
<p>Cloudwick calls the new platform CDL, which stands for cyber data lake. It’s a converged system composed of a Cloudwick-managed hardware appliance with integrated software. It can also be deployed as a virtual appliance on Amazon Web Services (AWS), using AWS Direct Connect to connect the data center appliance to the cloud.</p>
<p>Mark Schreiber, general manager at Cloudwick, said most other platforms can ingest 100,000 events per second, while some high-performing products can do 500,000 per second.</p>
<p>After the appliance captures the data via an ingestion pipeline, it stores it in an on-premise data lake. Then the software layer — called CDL Manager — provides access to security and compliance teams, and uses machine learning, advanced analytics, and artificial intelligence to detect threats and prevent future attacks.</p>
<p>Use cases include compliance, incident response and investigation, risk and vulnerability management, and securing the cloud.</p>
<p>In addition to AWS, Cloudwick worked with other technology partners to develop the platform. These include Solarflare, LogTrust, Bricata, Corelight, Protectwise, H2O.ai, and Graphistry.</p>
<p>Cloudwick developed proprietary software for the product and is seeking patents for some of it. It also used open source Apache Hadoop and Apache Spark and integrated technology from Bricata, Corelight, and Solarflare into the platform.</p>
<p>Intel provided funding to Cloudwick to develop the product.</p>
<p>The company began working on the platform two years ago, when Intel approached the team looking for a vendor to develop “next-gen technology to power security,” Schreiber said.</p>
<h2>‘Democratizing’ Security Analytics</h2>
<p>The platform “democratizes” security analytics data, he said, meaning that it makes the data accessible to the enterprise, which can use various applications and tools to analyze it.</p>
<p>“One of the other challenges was this siloed security,” he said. “If you look at the next-generation of technology required to combat today’s threats, it really requires the democratization of data into a Salesforce-type model. You don’t want to have 10 vendors managing 10 petabytes each. You want to have one capture, one platform, and then providing access to all of your analytics vendors internally and externally.”</p>
<p>Schreiber said he can’t name any CDL customers but says verticals include banking, finance, insurance, and healthcare.</p>
<p>In an email, 451 Research analyst Eric Ogren said Cloudwick has some “nifty ideas,” but only time will tell if the company can execute its vision.</p>
<p>“I am big on analytics driving the modern security strategy,” Ogren said. “That is, security operations will start with intelligence gleaned from analytics and can then in real-time apply preventive features. This will take a few years, but it is going to happen. The key is to get past the security myopia to bridge IT and cloud information — Cloudwick gets this and is well positioned to capitalize.”</p>
<p>This idea of democratizing security data is also the driving force behind another product being unveiled this week at Black Hat — this one from Jask. Startup Jask launched in June with $12 million in Series A funding, led by Dell Technologies Capital. Its security platform called Trident focuses on predictive security and aims to automate threat analytics in the enterprise security operations center.</p>
<h2>Re-Inventing Security</h2>
<p>Ogren said the company faces challenges including “falling in love with a boil the ocean vision,” meaning talking about analyzing petabytes to shine light on the unknown without articulating what security problems they can solve.</p>
<p>“Cloudwick has an advantage in performance (assuming they do not Pinocchio when talking with us) and in being a cloud service (keeps away from legacy on-prem stuff),” he explained. “The trick will be to keep defining the problem in ways to keep ahead of the market.”</p>
<p>The company also will have to convince chief security officers that “traditional security operations thinking” is not the way to prevent attacks.</p>
<p>“Cloudwick will be asked by enterprise CSOs for capabilities that they see in existing products, or be asked to solve the security operations labor problem,” he said. “Cloudwick’s job should be to put the SOC [security operations center] out of business entirely.”</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/big-data-provider-cloudwick-launches-security-analytics-platform/feed/</wfw:commentRss>
			<slash:comments>4</slash:comments>
		
		
			</item>
	</channel>
</rss>
