Cognitive Analysis With SparkSecure
Download as PPTX, PDF1 like633 views
Cognitive analysis transforms data into insights and enables machines to efficiently handle unstructured data, continuously learning from both past and new information. It incorporates natural language processing (NLP) for enhanced communication and automated threat detection, prioritization, and remediation in security systems. SparkSecure, powered by IBM Watson, provides advanced threat research and analysis to improve the security teams' productivity and response times.
Cognitive Analysis With SparkSecure
- 1. Like the human brain, Cognitive Analysis turns data into insight Processes Information Draws Conclusions Codifies Instincts & Experience into Learning Enables machines to penetrate the complexity of data to identify associations Presents powerful techniques to handle unstructured data Continuously learns not only from previous insights, but also for new data entering the system Provides NLP support to enable human to machine and machine to machine communication Does not require rules, instead relies on hypothesis generation using multiple data sets which might not always appear connected or relevant NLP: Natural Language Processing
- 2. Feature Traditional Security Applications Threat Detection Signature-based detection Signature-free & machine learning based detection Threat Research Manual research Automated research using Natural Language Processing (NLP) technology Threat Comparison Manual comparison Automated comparison of threats against multiple threat repositories Threat Prioritization Manual prioritization of threats and workload Automated threat prioritization using file analysis, research, and NLP Threat Action Manual kick off workflow to remediate Integration with workflow systems and optional automated remediation Automated threat research is a force multiplier for your security teams Increased Productivity – Be proactive, not reactive SparkSecure emulates your best security experts - at machine scale
- 3. Cognitive Security adaptively and intelligently mirrors “human-like” log analysis Security Threat Intel & Advisory Threats prioritized by confidence to streamline user response time Fast queries of petabytes enabled by Hadoop architecture IBM Watson powers in-context threat advisory using the largest gathered corpus of security knowledge Flexible delivery allows for web hosted or on-premises deployment integrated with your SIEM or devices DeepNLP searches open and dark web for threat assessment User inputs train model to improve Machine Learning algorithms Big Data architecture (Spark, Kafka, Hive etc) supports real-time data streaming, massive storage, and easy scalability
- 4. NLP automated research automatically determines threat confidence Automated NLP Research High level threat summary NLP Evidence Summary NLP Confidence Score Reads thousands of pages of relevant threat context
- 5. SparkSecure: comprehensive, cutting-edge defense * IBM Watson remediation is an optional add on We are offering a lot at a very reasonable price point!
- 6. Machine Learning Anti-Virus combats obfuscation and polymorphism Break down the DNA of every file Analyze all of the components individually Determine likelihood of malicious nature
Editor's Notes
- #7: Now let’s talk about where the rubber meets the road. How do we actually handle polymorphic malware with ML? The first thing you can do is explode a file out to a huge feature set. This includes doing header analysis, strings analysis, entropy analysis, and many other types of feature extractions. From there, an extremely advanced classifier can look at all of the different pieces and figure out how they might fit together. Instead of just looking for known signatures, the algorithm looks for patterns and figures out how they might fit together. I’m going to go out on a limb, and I’ve never used this example before, so please bear with me, and compare this to legos. Imagine you have something really mean…like a pirate ship. You know what that looks like when it’s fully built. But what if you break down all of the pieces, you can build anything you want with it. You may be able to tell it’s a boat…but it may be difficult to figure out that it’s a pirate ship. Imagine if you could look at all of the pieces and figure out all of the things that you could make with