My wife tells me that I’m too free with information that I share – that I give too much away. I don’t know. The way I figure it, most of what I think can be found with Google, so why not package up what I’ve learned, & gain a little good will along the way? To me, it frees my mind to try on different perspectives. And every once in a while I stumble onto a new idea. Then someone recognizes it & sends me a note of appreciation. A new relationship blossoms or a new friendship starts. I’d rather have 10,000 people come to my funeral in 30 years than $10,000 in my pocket today. Then again, maybe those two things aren’t mutually exclusive. Hmmmm… Something to ponder by the pool this weekend.
The chart below represents months of research by the InterWorks team & various people who lend us insight on a regular basis. It also represents the processes we’ve developed over the years to identify game changing technologies in securing networks, devices, & organizations. Hey! Gartner would want to charge you $1,695 for this kind of stuff, make it a lot more verbose, and then charge the vendors to distribute it. Sometimes I think they’re reading this blog to know where they need to go next. (But seriously, they’ve already put out a couple of really good papers on ML. And we distill a lot of their thinking into our thinking, so it’s a little more than tongue-in-cheek when I say they get all their good ideas from InterWorks.)
Honoring my desire to accelerate your research into machine learning being applied to InfoSec, here are a couple of resources that we think are “world class”… I can’t say you’ll have PhD knowledge on the subject, but you’ll have a broad understanding of the topic and be able to cut through a lot of the hype that’s starting to happen.
TIF – you want to understand why machine learning is the most significant disruption in ITSec… !EVER!… this is a must watch!
Mark Russinovich, the CTO for Microsoft Azure at RSA ’16… https://www.youtube.com/watch?v=fRklX97iGIw&list=PLeUGLKUYzh_gV-NM1Sa5UsgtuhTa2BKj6
InterWorks has been working to identify the leaders in this first wave of machine learning InfoSec technologies. Here is our summary of what we believe to be the machine learning technologies that companies should first consider for implementation today…
| Vendor | Website | Focus | Video | Notes |
|---|---|---|---|---|
| Vectra | www.vectranetworks.com | Network centric malicious behavior detection | Preventing Cyberattacks in a Network (11 min, start @ 3:45) | Microsoft deployed at the core of their Redmond network watching 250K+ devices |
| Darktrace | www.darktrace.com | Unsupervised network anomaly detection | Darktrace (5 min) | NSA & MI5 roots, but customer data is stored in UK today |
| Prelert | www.prelert.com | SIEM & log analysis | Prelert Anomaly Detective for Splunk (6 min) | Impressive results, but integration primarily with Splunk only |
| Bastille | www.bastille.io | “Fingerprints” people to RF devices in a secure area | Bastille Corporate Video (2 min) | Gartner Cool Vendor, May 2016, limited use cases due to cost, but where it is needed, there’s nothing else like it |
| Cylance | www.cylance.com | Endpoint security | 2014 AT&T Cybersecurity Conference Keynote (38 min) | Extremely impressive growth rate. Most reading this blog are familiar with Cylance, but not the video |
| PatternEx | www.patternex.com | Threat analytics | MIT study’s Results (5 min) | Claims to reduce false positives 5x & increases detection rates 10x. Small company, but getting lots of publicity because of joint effort with MIT. |
Full Disclosure: InterWorks has a relationship with some of the companies above. We’re investing time & energy into them. Why? Because they are having a significant impact on SecOps & Incident Response teams.
I hope this can serve as a good starting point for you. We’re happy to discuss any of this in more detail. Give us a call or email.