Artificial Reality | The PatternEx Blog

Success Criteria for PoCs

As you are already aware, undertaking a proof of concept (PoC) is not a trivial task. When executing an AI-based security evaluation, the process can change compared to traditional IT projects. To get value out of a PoC, you and your team need to put effort into it. So, what are the steps to follow to get the most out of a PoC and ensure that the product or service being evaluated will actually meet your business needs?

Rules vs. Correlations vs. Models

If you’re considering acquiring an information security product or service which touts its AI capabilities (which you should be), then you need to understand the difference between a rule, a correlation, and a model. They are definitely not the same thing, and there is an important difference in the efficacy of the security solution provided.

Topics: SIEM AI infosec Threat Detection

Alerts Continue to Rise

Topics: analytics Threat Detection False Positives InfoSec Professionals

More Morphing in the Security Services Space

We have more morphing in the security services space. When ISPs came into being in the mid-1990s, there came a need to provide some security services to customers who did not have a capability to provide such for themselves. Hence MSSPs were born. For many years, adoption of MSSP services remained quite low. Many potential customers just could not bring themselves to trust a 3rd party with their security needs.


Topics: SOC machine learning Evolution Artificial Intelligence

More Morphing in the Security Services Space: Moving from SOC to SOCaaS

We have more morphing in the security services space. When ISPs came into being in the mid-1990s, there came a need to provide some security services to customers who did not have a capability to provide such for themselves. Hence MSSPs were born. For many years, adoption of MSSP services remained quite low. Many potential customers just could not bring themselves to trust a 3rd party with their security needs.

Topics: MSSP SOC Threat Detection AI

The Value of Threat Intelligence

I recently read through a report from a well known threat intelligence (TI) vendor that self-servingly claimed that TI programs “save businesses big money”. Would you really expect a vendor to say that their TI service is not worth the money that they are charging you? No, of course not. But, I was struck by the audacity of this vendor’s report, and specifically the unsubstantiated claims in it. Statements such as “Healthy organizations have threat intelligence infrastructure in place.” certainly don’t appear to be objective.

Topics: analytics SOC Threat Detection Artificial Intelligence

Detecting DNS Rebinding Attacks

Unless you have possibly been in North Korea since mid-July (working on denuclearization issues?), then you have by now heard about the DNS rebinding vulnerability that IoT devices are subject to (CVE-2018-11315). There are two aspects to this matter that are particularly noteworthy. First, DNS rebinding attacks are not new. In fact, the first such attack was reported over ten years ago (CVE-2007-5232)! Second is the number of IoT devices potentially vulnerable in this latest CVE: half a billion devices. That is a lot of exposure sitting on your organization’s network and your personal network at home. (The BleepingComputer blog post “Half a Billion IoT Devices Vulnerable to DNS Rebinding Attacks” from July 20th has a good breakdown of that number.)

Topics: SIEM analytics SOC AI Threat Detection

What to Look for in an MDR Provider


In my last blog posting, I talked about why you should consider moving to an MDR provider. In this post, I want to discuss what you should be looking for in an MDR provider. There are several factors that should be considered if you are going to have a successful partnership with an MDR provider. Leading research and advisory companies (and others) have written about such too, but I don’t charge vendors to say nice things about them. 😀

Topics: MSSP analytics SOC Threat Detection machine learning

Why move to MDR?

If you have been keeping up with your security reading recently, you might have noticed an uptick in the ‘noise’ level about MDR. A) Is that true? B) If so (true), then why?

Topics: MSSP analytics SOC AI

Is There a (MSSP) Bubble Coming?

As we approach the ten year anniversary of the subprime mortgage crisis, which precipitated a housing bubble collapse and contributed significantly to the Great Recession, I am wondering if another bubble is building?

Topics: MSSP analytics SOC Threat Detection