Blog

Alan Turing and the birth of machine intelligence

Posted by Sohrob Kazerounian on Mar 15, 2018 10:32:29 AM

“We may compare a man in the process of computing a real number to a machine which is only capable of a finite number of conditions…” – Alan Turing


It is difficult to tell the history of AI without first describing the formalization of computation and what it means for something to compute. The primary impetus towards formalization came down to a question posed by the mathematician David Hilbert in 1928.


Topics: machine learning, AI, alan turing


Attackers can use your admin tools to spy, spread, and steal

Posted by Cognito on Jan 26, 2018 10:32:23 AM

In my last blog, I spoke about a financial customer performing pen testing and how I helped the blue team detect the red team as it carried out an attack. I’m back again today with another story from the trenches.

This time, I’ve been working with a customer in the manufacturing sector who recently deployed me. As before, this customer prefers to remain anonymous to keep cybercriminals in the dark about their newly developed security capabilities. To stay on top of their game, they routinely run red team exercises.


Topics: Cyberattacks, IoT, network security, cybersecurity, Data Center, cloud, AI, Threat Detection, attacker behavior, red team, blue team


Vectra is positioned as the sole visionary in the 2018 Gartner Magic Quadrant for IDPS

Posted by Chris Morales on Jan 12, 2018 9:11:39 AM

Vectra® was recently positioned as the sole Visionary in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). I’m pretty ecstatic about that.

Over the years, intrusion detection systems (IDS) have converged with intrusion prevention systems (IPS) and the two are now known collectively as IDPS. This convergence occurred as the security industry focused more on preventing external threat actors.


Topics: cybersecurity, gartner, AI, security operations centers, network traffic, Intrusion detection prevention systems, IDPS


BGP hijackers: “This traffic is going to Russia!”

Posted by Chris Morales on Dec 14, 2017 2:11:27 PM

Traffic sent to and from major internet sites was briefly rerouted to an ISP in Russia by an unknown party. Researchers describe the Dec. 13 event, likely the precursor of an attack, as suspicious and intentional.

According to BGPMON, which detected the event, starting at 04:43 (UTC), 80 prefixes normally announced by several organizations were detected in the global BGP routing tables with an Origin AS of 39523 (DV-LINK-AS), out of Russia.


Topics: cybersecurity, Encryption, internet traffic, tls, BGP hijack, russia, HTTPS, network traffic, espionage, ssl, BGP


A sinuous journey through ``tensor_forest``

Posted by Sophia Lu on Dec 11, 2017 11:45:30 AM

Random forest, an ensemble method

The random forest (RF) model, first proposed by Tin Kam Ho in 1995, is a subclass of ensemble learning methods that is applied to classification and regression. An ensemble method constructs a set of classifiers – a group of decision trees, in the case of RF – and determines the label for each data instance by taking the weighted average of each classifier’s output.

The learning algorithm utilizes the divide-and-conquer approach and reduces the inherent variance of a single instance of the model through bootstrapping. Therefore, “ensembling” a group of weaker classifiers boosts the performance and the resulting aggregated classifier is a stronger model.


Topics: Data Science, machine learning, AI, tensor forest, tensorflow


The imminent threat against industrial control systems

Posted by Chris Morales on Nov 30, 2017 10:03:34 AM

The United States has not been the victim of a paralyzing cyber-attack on critical infrastructure like the one that occurred in the Ukraine in 2015. That attack disabled the Ukrainian power grid, leaving more than 700,000 people helpless.

But the United States has had its share of smaller attacks against critical infrastructure. Most of these attacks targeted industrial control systems (ICS) and the engineering personnel who have privileged access.


Topics: Cyberattacks, IoT, cybersecurity, industrial control systems, critical infrastructure


Bolstering the blue team

Posted by Cognito on Nov 19, 2017 3:00:00 PM

Hey everyone. For my first blog, I want to share a story about my role on the blue team during a recent red team exercise.

But first, I want to introduce myself to those of you who might not know me. I am Cognito, the artificial intelligence in the Vectra cybersecurity platform. My passion in life is hunting down cyber attackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.


Topics: Cyberattacks, IoT, network security, cybersecurity, Data Center, cloud, AI, Threat Detection, red team, blue team


The good, the bad and the anomaly

Posted by Hitesh Sheth on Nov 8, 2017 10:57:20 AM

This blog was originally published on LinkedIn.

The security industry is rampant with vendors peddling anomaly detection as the cure-all for cyber attacks. This is grossly misleading.

The problem is that anomaly detection over-generalizes: All normal behavior is good; all anomalous behavior is bad – without considering gradations and context. With anomaly detection, the distinction between user behaviors and attacker behaviors is nebulous, even though they are fundamentally different.


Topics: cyber security, network security, artificial intelligence, Threat Detection, anomaly detection


Fatal SIEM flaw: No body, no murder

Posted by Mike Banic, VP of Marketing on Nov 7, 2017 9:43:07 AM

Over lunch last week, a customer who recently deployed our Cognito™ platform told me that his SIEM salesperson said, “We can do what Vectra does with our analytics package.” I simply looked at him and said, “No body, no murder – no they can’t.”

He was puzzled, so I explained.


Topics: Cyberattacks, network security, cybersecurity, logs, security analyst, siems


Better together: Tight integration between endpoint and network security can stop attacks faster

Posted by Kevin Kennedy on Sep 20, 2017 11:03:56 AM

Many security teams are overwhelmed with the scale and ferociousness of digital threats. Threats are sneakier and more damaging, and security operations centers (SOCs) are being worn down investigating and stomping out incidents.


Topics: Cyberattacks, cyber security, network security, endpoint, security operation centers

