LogRythm, a security intelligence company, has released a new whitepaper which talks about machine learning (ML) and artificial intelligence (AI) usage in cybersecurity, which represents the next level in security analytics.
According to the whitepaper, security teams are facing a big problem with a sheer volume of alarms, making it hard to filter out false positives from real threats, as well as next-generation threats, and that is where both machine learning (ML) and artificial intelligence (AI) come in.
Artificial intelligence and machine learning are two different technologies that can be used in different ways and where AI can help automate security processes by using log data, user behavior and data flows to create a whitelist of normal network behavior, machine learning is the one that provides that same context from security systems.
AI can also be used to prevent certain malware attacks even before it becomes a problem and also even prevent attacks from known sources or those with recognized software signatures. It can also be set to act autonomously or report suspicious activity to the security teams.
Of course, the whitepaper also talks about LogRhythm’s AI Engine, which can generate templates that customers can use to build their own bespoke defenses as well as the SmartResponse plug-in which allows actions to be taken once threats have been identified, such as allowing a compromised system to be automatically isolated.
The whitepaper also focuses on the future of artificial intelligence, which is clearly a shift to the cloud, allowing systems to offer more scalability as well as increase data available to AI systems, which accelerates the learning rates.
The whitepaper concludes that both AI and ML will allow security teams to take “a more strategic and proactive approach to cybersecurity instead of just reacting to the latest attack”.
You can download the full whitepaper from LogRythm, titled “Machine learning and artificial intelligence in cybersecurity – The next level in security analytics”, over at CBROnline.com (possible registration required).