Transfer Learning: Analyst-Sourcing Behavioral Classification

Presented at BSidesDC 2017, Oct. 7, 2017, 4:30 p.m. (50 minutes)

Information Security (InfoSec) operations analysts are deluged with data, and that is without even reviewing a significant portion of an organization’s logged data - and certainly not in anything close to real time. Additionally, too many of the alerts generated by log reviews (e.g., by a SIEM) are false positives - an unnecessary distraction for analysts, and a contributor to the embarrassing number of false negatives. With log volumes growing significantly year over year, a radical change in approach is needed.

Enter AI. Not just machine learning, but AI; specifically, active learning. In this presentation, we will discuss how to augment a critical shortage of trained analyst personnel with active learning, how to institutionalize their knowledge of benign traffic and attacks, and how to share that knowledge between organizations.


Presenters:

  • Ignacio Arnaldo - Chief Data Scientist at PatternEx
    Ignacio Arnaldo is Chief Data Scientist at PatternEx, a security start-up working on bringing artificial intelligence (AI) to information security. He holds MSc and PhD degrees in Computer Science and AI from the Universidad Complutense in Madrid, Spain. He also did post-doctoral research at MIT’s CSAIL (Computer Science and Artificial Intelligence Laboratory).
  • Tim Mather - Chief Security Strategist at PatternEx
    Tim Mather is Chief Security Strategist at PatternEx, a security start-up working on bringing artificial intelligence to information security. He is a long-time information security practitioner, having previously served in senior security roles at Cadence Design Systems, Splunk and Symantec as CISO; at RSA Security as Chief Security Strategist; and as head of information security at VeriSign and Apple. He has co-authored two books on information security: “*Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance*” (O'Reilly) and “*The Executive Guide to Information Security: Threats, Challenges, and Solutions*” (Addison-Wesley). Tim is a CISSP, CISA, and CISM. He holds Master’s Degrees in Information Assurance from Brandeis University, National Security Studies from Georgetown University, and International Policy Studies from the Monterey Institute of International Studies. He holds a Bachelor’s Degree in Political Economics from the University of California at Berkeley. Tim has extensive public speaking experience at major information security conferences.
