Blog

AI and the future of cybersecurity work

Posted by Sohrob Kazerounian on Nov 7, 2018 8:08:00 AM

In February 2014, journalist Martin Wolf wrote a piece for the London Financial Times[1] titled Enslave the robots and free the poor. He began the piece with the following quote:

“In 1955, Walter Reuther, head of the US car workers’ union, told of a visit to a new automatically operated Ford plant. Pointing to all the robots, his host asked: How are you going to collect union dues from those guys? Mr. Reuther replied: And how are you going to get them to buy Fords?”


Topics: AI, machine learning, deep learning


Most attacks against energy and utilities occur in the enterprise IT network

Posted by Chris Morales on Nov 1, 2018 5:00:00 AM

The United States has not been hit by a paralyzing cyberattack on critical infrastructure like the one that sidelined Ukraine in 2015. That attack disabled Ukraine's power grid, leaving more than 700,000 people in the dark.

But the enterprise IT networks inside energy and utilities networks have been infiltrated for years. Based on an analysis by the U.S. Department of Homeland Security (DHS) and FBI, these networks have been compromised since at least March 2016 by nation-state actors who perform reconnaissance activities, looking for industrial control system (ICS) designs and blueprints to steal.


Topics: attacker behavior, cybersecurity, Threat Detection, AI, critical infrastructure, IT, cyberattackers


Integrating with Microsoft to detect cyberattacks in Azure hybrid clouds

Posted by Gareth Bradshaw on Sep 25, 2018 5:58:37 AM

Microsoft unveiled the Azure Virtual Network TAP, and Vectra announced its first-mover advantage as a development partner and the demonstration of its Cognito platform operating in Azure hybrid cloud environments.


Topics: AI, machine learning, deep learning, cloud, Microsoft


Near and long-term directions for adversarial AI in cybersecurity

Posted by Sohrob Kazerounian on Sep 12, 2018 6:00:00 AM

The frenetic pace at which artificial intelligence (AI) has advanced in the past few years has begun to have transformative effects across a wide variety of fields. Coupled with an increasingly (inter)-connected world in which cyberattacks occur with alarming frequency and scale, it is no wonder that the field of cybersecurity has now turned its eye to AI and machine learning (ML) in order to detect and defend against adversaries.

The use of AI in cybersecurity not only expands the scope of what a single security expert is able to monitor, but importantly, it also enables the discovery of attacks that would have otherwise been undetectable by a human. Just as it was nearly inevitable that AI would be used for defensive purposes, it is undeniable that AI systems will soon be put to use for attack purposes.


Topics: AI, machine learning, deep learning


2018 Black Hat Superpower Survey: It's about time and talent

Posted by Chris Morales on Aug 22, 2018 2:57:12 PM

We love Black Hat. It’s the best place to learn what information security practitioners really care about and what is the truth of our industry. Because we want to always be relevant to customers, we figured Black Hat is an ideal event to ask what matters.


Topics: attacker behavior, cybersecurity, Threat Detection, AI, SOC


Choosing an optimal algorithm for AI in cybersecurity

Posted by Sohrob Kazerounian on Aug 15, 2018 6:00:00 AM

In the last blog post, we alluded to the No-Free-Lunch (NFL) theorems for search and optimization. While NFL theorems are criminally misunderstood and misrepresented in the service of crude generalizations intended to make a point, I intend to deploy a crude NFL generalization to make just such a point.

You see, NFL theorems (roughly) state that given a universe of problem sets where an algorithm’s goal is to learn a function that maps a set of input data X to a set of target labels Y, for any subset of problems where algorithm A outperforms algorithm B, there will be a subset of problems where B outperforms A. In fact, averaging their results over the space of all possible problems, the performance of algorithms A and B will be the same.

With some hand waving, we can construct an NFL theorem for the cybersecurity domain: Over the set of all possible attack vectors that could be employed by a hacker, no single detection algorithm can outperform all others across the full spectrum of attacks.


Topics: AI, machine learning, deep learning


Cyberattack detections from more than 250 Vectra customers with over 4 million devices and workloads

Posted by Chris Morales on Aug 8, 2018 5:08:00 AM

Recently, Vectra published the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which covers the period from January through June 2018. While there are plenty of threat-research reports out there, this one offers unique insights about real-world cyberattacker behaviors found in cloud, data center and enterprise networks.


Topics: attacker behavior


Types of learning that cybersecurity AI should leverage

Posted by Sohrob Kazerounian on Jul 18, 2018 6:00:00 AM

Despite the recent explosion in machine learning and artificial intelligence (AI) research, there is no singular method or algorithm that works best in all cases.

In fact, this notion has been formalized and shown mathematically in a result known as the No Free Lunch theorem (Wolpert and Macready 1997).


Topics: AI, machine learning, deep learning


Breaking ground: Understanding and identifying hidden tunnels

Posted by Cognito on Jul 11, 2018 11:00:00 AM

It’s me again – Cognito. As always, I’ve been hard at work with Vectra to automate cyberattack detection and threat hunting. Recently, we made an alarming discovery: hackers are using hidden tunnels to break into and steal from financial services firms!

Clearly, this is serious business if it involves bad guys targeting massive amounts of money and private information. But what exactly are we dealing with? Let’s dig into what hidden tunnels are and how I find them to uncover the answer.


Neural networks and deep learning

Posted by Sohrob Kazerounian on Jun 13, 2018 6:00:00 AM

Deep learning refers to a family of machine learning algorithms that can be used for supervised, unsupervised and reinforcement learning. 

These algorithms are becoming popular after many years in the wilderness. The name comes from the realization that the addition of increasing numbers of layers, typically in a neural network, enables a model to learn increasingly complex representations of the data.


Topics: AI, machine learning, deep learning

