Why you need advanced analytics with your SIEM

Why do you possibly need an advanced analytics tool along with your SIEM? Because your SIEM is not an advanced analytics platform. Your SIEM is an advanced search tool that lets you search through your log data with sophisticated correlations. But search is not advanced analytics. Let's dig deeper.

PatternEx’s Architecture for SOC Investigations

PatternEx uses multiple open-source tools to help us provide excellent results for SOC analysts in their investigations.  And in this blog posting, I am going to give you an overview of our architecture.

Help for SOC Analysts - Autocorrelation

Security Incident and Event Management (SIEM) solutions have been in use for almost two decades, but the promise of SIEMs and other log search solutions remains unfulfilled (e-Security, arguably the first SIEM company, was founded in 1999 in Vienna, Virginia). SIEMs deliver analytics tools with search capability, but these tools remain limited to providing responses to questions, queries, and correlations created manually by human analysts, and have not evolved beyond rule-based correlations. SIEMs have claimed increased complexity and sophistication of such correlations through the use of wildcards, Boolean logic, RegEx, and other techniques. However, the SOC analyst remains constrained to receiving responses about his or her specific query, and the correlation must be very specific for the signal-to-noise ratio to be acceptable. As a result, SIEMs lead to alert overload, generating thousands or millions of false positives for analysts to manually filter, investigate, and act on. In addition to being a huge drain on resources, this workflow often misses true risks (false negatives) in the deluge of alerts.

Methodology of Performance Testing for the Virtual Analyst Platform for SOCs

In a previous post, I wrote about a huge decrease of more than 90 percent of false positives with PatternEx’s Supervised Learning models. While the results of this real-world performance are very impressive, the question is: how were those numbers derived? Let’s explore the methodology a bit.

Results of PatternEx's Performance Testing for the Virtual Analyst Platform for SOCs

According to analysis of real customer data, PatternEx eliminates more than 90% of false positives and detects verified malicious phishing domains significantly faster than other products.

The Benefits of Transfer Learning with AI for Cyber Security

Transfer learning is not new in information security. It has been in use for many years. For example, anti-malware vendors have exchanged malware samples between their own proprietary collections (so-called zoos). That is a form of transfer learning. Similarly, Snort Community rules are a form of transfer learning: community rules can be written by anyone and used by any organization. ISACs are another form of transfer learning, in which security-related information is shared within a community. All of these examples (zoos, community rules, ISACs) involve known bads (e.g., malware, exploits, IP addresses, domains).

Introducing the PatternEx Virtual Analyst Platform

Humans and computers need to work together to identify evolving cyberattack patterns buried in our data.

How machine learning creates virtual analysts

The security industry has done a great job of creating a lot of noise around the rise of “machine learning” or “artificial intelligence.” The industry says that rules are the problem—too many missed attacks and false alarms—and that machine learning is the answer.

PatternEx Named One of SINET's 16 "Most Innovative Cybersecurity Companies"

We value research and analysis at PatternEx, and we respect when cybersecurity experts weigh in on research or emerging technology. So it is with great honor that we announce that the Security Innovation Network (SINET) has named PatternEx as one of its 16 most innovative companies of 2017.

Meet PatternEx at Black Hat

