Artificial Reality | The PatternEx Blog

Collections of the thoughts and the people behind the PatternEx Virtual Analyst Platform powered by AI2.

There Is No Auto-Pilot for Threat Hunting!

Vendors may claim complete automation for threat hunting, but they're promising the impossible. Threat hunters need a co-pilot—not a replacement. PatternEx can be a co-pilot and get rid of the mundane task of managing & sifting through data, and doing trial and error modeling around data analysis.

Detecting Lateral Movement with Data Science Sugar

Detecting Lateral Movement Webinar - a review of key use cases, data science sugar, and other interesting things we discussed in our latest webinar series.

AI SOC: All About the People

AI Enabled SOCs will change how people, process, and technology perform together more efficiently.

Data Exfil: AI Based Detection

Cloud based services like Gmail, Twitter and Facebook have emerged as another vector for data exfiltration and command and control (C2) attacks, and attacks through these channels are harder to detect and block. Here's how an AI solution can help.

AI Not Optional for the SOC

With the recent flood of cyber breaches, everyone is looking for answers to stop this seemingly unending cycle of attacks. The current model of multi-tier SOC analysts, SIEM, and basic ML alone is not our future. AI is no longer an option, but a requirement to keep up with threat volume and sophistication. Read more from our guest author, VP IT Security at a leading hospitality company.

Donald Trump, Theresa May, MIT & Apple all agree on one thing

Meta-trends around AI cybersecurity are driving industry and governments alike to drive change. Who is doing what and how can you get involved?

Can MDRs save the enterprise from security threats?

The MDRs' path to a smarter SOC that helps enterprises solve security issues more cost-effectively.

An Overview of AI for Security Pros: Lessons Learned from our Webinar

Get an overview of our recent webinar, "An Overview of AI for Security Pros," where we covered two of the critical elements of data science/AI applied to infosec -- labeling and data variety.

Success Criteria for PoCs

Try before you buy, drive before you buy, or, in IT terms, a proof of concept (PoC). However, to get the maximum value from a PoC, there are several important steps that need to be completed in advance. This is important for both the prospective customer and the vendor. Mistaken expectations can be costly for one or both of the parties. Do your homework! And here is your homework assignment.

Rules vs. Correlations vs. Models

Information security practitioners need to broaden their vocabulary to understand machine learning terminology. For example, what are the differences between a "rule" versus a "correlation" versus a "model"? What is the difference between an algorithm versus a model?

Alerts Continue to Rise

As alerts continue to rise, is the solution SOAR, or first to better / more accurately discern false positives and detect current false negatives? Moving directly to SOAR without improving detection seems to merely be another digital version of garbage in / garbage out. Certainly improved security automation & response are needed, but don't just port poor detection to response and expect to improve your program's effectiveness.

More Morphing in the Security Services Space: Moving from SOC to SOCaaS

We have more morphing occurring in the security services space. We tend to focus on the evolution of security products. However, an interesting evolution of security services is also occurring. I'm not speaking about penetration testing to bug bounties to attack simulation platforms. I'm speaking today about MSSPs to MDRs to SOCaaS (security operations center-as-a-service) and what is driving this evolution.

The Value of Threat Intelligence

Commercial cyber threat intelligence (TI) is relatively new to the sector. While all major firewall vendors provide threat intelligence, many non-product TI companies have also emerged. Too many? Does a CISO really need yet another vendor in the form of a non-product TI company?

Detecting DNS Rebinding Attacks

DNS rebinding attacks - they're back! And this time, on a massive scale. Protection of vulnerable IoT devices is highly problematic, but detection of such attacks poses its own challenges. How to detect these attacks in near real-time on a massive scale? Enter AI please.

What to Look for in an MDR Provider

As more and more traditional MSSPs begin to provide MDR services, it is important to know what your selection criteria should include. In this post, we discuss the factors that should be considered if you are going to have a successful partnership with an MDR provider.

Why move to MDR?

A significant shift is underway within the MSSP segment. Several major MSSPs are adding MDR capabilities to their portfolios. What is driving this shift and why? Customers are demanding such, and MSSPs have their own business reasons for doing so.

Is There a (MSSP) Bubble Coming?

Tulips, housing, stock markets. Are MSSPs the next bubble? With the growing number of companies entering the MSSP space, many of them with no prior experience and little expertise, what is in store for MSSP vendors?

Is Trust Breaking Out?

There has been an infosec mantra for years in the US about the need for a public - private partnership. However, private sector organizations have long complained about the one-way flow of security data and information. A key ingredient has often been missing -- trust. Is that starting to change?

Changing Business Considerations for MSSPs: Saying Goodbye to Soda Straw Views

As the threat landscape has evolved (e.g., increased number and size of DDoS attacks), MSSPs are being forced by the market to evolve their service offerings. It simply is no longer acceptable for an MSSP to manage perimeter firewalls, a couple of Internet-facing applications, and perhaps a couple of important internal systems (e.g., Active Directory domain controllers). Why not? Because such (effectively) stand alone ‘soda straw’ views do not provide the MSSP (nor the customer) with the context needed to be able to detect today’s sophisticated attacks.

RSA Conference Recap: the Synergies Between AI & IoT

It's always interesting to see what the marketing buzz is at RSA, which becomes the unofficial conference theme. The ‘theme’ in 2017 was artificial intelligence (surprise!), while 2018's ‘theme’ seemed to be IoT. But, actually there are interesting security synergies between the two areas.

Why MSSPs Should Be Interested in Virtual Analyst Technology

MSSPs face several challenges in effectively running their operations, and subsequently providing value to their customers. New tools for better threat detection and improved context for investigations are needed - and available to assist SOC analysts.

Finding Cryptocurrency Mining Malware

2017 was the year of ransomware. 2018 is already shaping up to be the year of cryptocurrency mining malware. Are you prepared for this threat? How well can you detect this new threat?

Complementing Your Current SIEM Implementation

Machine learning's modeled behaviors can complement your existing SIEM implementation by allowing your SOC to detect unknown unknowns, while your SIEM's correlations effectively detect known unknowns.

Why you need advanced analytics with your SIEM

Why do you possibly need an advanced analytics tool along with your SIEM? Because your SIEM is not an advanced analytics platform. Your SIEM is an advanced search tool allowing you to search through your log data with sophisticated correlations. But search ≠ advanced analytics.

PatternEx’s Architecture for SOC Investigations

PatternEx's architecture for enabling far faster and more accurate SOC analyst investigations is described.

Help for SOC Analysts - Autocorrelation

PatternEx is pioneering a new cybersecurity platform, with the ability to auto correlate behavior across entities & time for better, faster attack detection.

Methodology of Performance Testing for the Virtual Analyst Platform for SOCs

Explanation of the methodology behind recent performance testing of PatternEx's Virtual Analyst Platform.

Results of PatternEx's Performance Testing for the Virtual Analyst Platform for SOCs

Results of PatternEx's performance testing of the Virtual Analyst Platform for SOCs, showing a dramatic drop in false positives based on customer real-world data.

The Benefits of Transfer Learning with AI for Cyber Security

How to use Artificial intelligence transfer learning to create virtual infosec analysts.

Introducing the PatternEx Virtual Analyst Platform

Introducing PatternEx Virtual Analyst Platform. New features such as AutoCorrelate and Custom Analytics to create a network of virtual analysts.

How machine learning creates virtual analysts

How PatternEx uses machine learning to create virtual analysts.

PatternEx Named One of SINET's 16 “Most Innovative Cybersecurity Companies”

Today, SINET has named PatternEx as one of its 16 most innovative companies of 2017. PatternEx is honored to be named to this prestigious list.

Meet PatternEx at Black Hat

Meet the PatternEx team at Black Hat USA 2017, and learn more about the first AI solution that detects malicious behaviors through network traffic analysis.

Check Domains Using PatternEx AI Engine

Use an AI to check to see if a given domain name is likely a phishing site or is associated with a DGA.

AI For Enterprise Security: The Challenges from a Data Scientist's Perspective

Looking for an overview of cybersecurity and artificial intelligence? Look no further.

AI Automatically Detects Malware Domains 36 Days Earlier than the Data in VirusTotal

AI automatically detects malicious domains missed by NGFWs 36 days before the URLs appear in VirusTotal data.

PatternEx Co-Founder Keynotes "Cybersecurity & AI get real: Attacks. Players. Solutions"

Cybersecurity & AI get real: Attacks. Players. Solutions, presented by MIT ILP, CSAIL Alliance program & STEX. Keynote by Kalyan Veeramachaneni.

RSA Logistics

PatternEx expo booth location at RSA 2017

Details on PatternEx at RSA 2017

Meet the PatternEx team at RSA 2017; discuss AI in the context of C2 communication, data exfiltration, and other breach techniques.

PatternEx CEO on TechEmergence Podcast

Podcast with TechEmergence January 2017 describing the Holy Grail of AI, how to catch C2 communications and data exfiltration, and more!

Meet PatternEx at RSA

Meet the PatternEx team at RSA! Discuss detecting data exfiltration and C2 communication from the logs you already have, using AI.

How AI Really Works For InfoSec

It's been about 2 years since I joined PatternEx and started learning how Artificial Intelligence (AI) fits into Infosec. About 6 months in, I had a wake-up call: my expectations for what AI could do were vastly different from what was actually possible. I share what I've learned in this post.

Why InfoSec Professionals Need to Learn Some Data Science

Data Science and Machine Learning are here in the InfoSec landscape. But don't worry, you've adapted in the past and will do just fine here. #InfoSec

Harvard Business Review on "Why You Aren't Getting Value from Your Data Science"

Why aren't you getting value from your data science? Perhaps because the focus is on building models and not on providing business value. Easier said than done?

The Revolution of Learning Systems

Evolution is nice but revolution is more interesting. While UEBA is an interesting evolution from the shortcomings of SIEM, it is not revolutionary.

Labels in AI: Where The Human Meets the Machine

What do Pandora, Google, and parenting have in common? Labels! This is how we teach both humans and AI algorithms to understand the implications of patterns.

Bending the Boundaries of Normal

Supervised Learning promises to capture analyst experience and intuition in code, reducing false positives and false negatives simultaneously. Here's how.

Attacks in the Abstract: Detecting New Attacks with AI

Want to know how AI is detecting never-seen-before attacks? We break down complex concepts for the layperson.

Three Key Questions for Your UEBA Vendor

Here are three good questions for any CISO to ask any ML vendor.

Moving from Tools Collection to Knowledge Collection with Human-Assisted AI

Most InfoSec teams are on a strategy of tools collection. Human Assisted AI enables teams to collect and keep analyst knowledge. Consider the implications...!

Glossary of AI Terms for Cyber Security

Artificial Intelligence vs Machine Learning, Algorithms vs Models. Help! We hope to provide a handy glossary of key AI terms to the security practitioner.

The Morning Paper Shares "AI Squared" Research

Will machines take over? The lesson of today’s paper is that we’re better off together. From The Morning Paper:

The True InfoSec Talent Gap

We don't need more InfoSec analysts to write rules and investigate rules. We need more InfoSec analysts to train Artificial Infrastructures to detect attacks.

Artificial Intelligence: Primer and Deep Dive

A primer and a deep dive on Artificial Intelligence for Information Security leaders. #Blackhat

Cyber Security and AI-Squared

The PatternEx technology detects 10x more attacks in cyber security, with 5x fewer alerts than anomaly detection solutions.

Advanced Analytics and Cyber Security

Gartner Group validates that human in the loop AI is essential for machine learning in cyber security

Top Questions from Data Exfiltration Webinar

Top questions from our Data Exfiltration webinar about Artificial Intelligence for Cyber Security

VentureRadar Lists PatternEx in "10 Hot Startups Using Artificial Intelligence in CyberSecurity"

VentureRadar lists PatternEx as one of the 10 hottest AI companies in CyberSecurity.

AlphaGo and InfoSec

Google's AlphaGo beat Lee Sedol. What are the implications for Information Security?

Tailoring Your Data Exfiltration Detection Solution

Data exfiltration threat prediction that mimics a skilled InfoSec analyst utilizing Machine Learning features.

Three Ways Artificial Intelligence Systems will Impact InfoSec

Artificial Intelligence + InfoSec + System Software may change the InfoSec game. We look at three vectors where the impact will be felt the most.

RSA Session: Actively learning to mimic an analyst

Coming to RSA? Come to a compelling session detailing insights about the challenges involved in bringing Artificial Intelligence to InfoSec

The Challenges of AI in InfoSec

Bringing AI into InfoSec is not without its challenges. We look at behavior extraction, supervised learning models, and active learning.

The Goal of PatternEx

In founding PatternEx, our goal was to develop a system that mimics a human InfoSec Analyst’s intuition and expertise in real time and at scale.

Active Learning: A Primer

What is active learning, when is it useful and how will it change the InfoSec game?

InfoSec: Cut Your False Positives to Zero?

Introducing PDR (Pattern Detection Ratio), a metric that covers the efficacy of threat detection systems.

InfoSec Games: Whack-a-Mole or Advanced Chess?

An InfoSec analyst using PatternEx's powerful system results in both significantly higher detection rates and lower false positive rates, ending their game of whack-a-mole and perfecting their game of chess.

Artificial Intelligence: Force Multiplier for InfoSec

An Artificial Intelligence platform needs to mimic an InfoSec analyst’s intuition—to augment your staff rather than being just a ticket creating machine.

Teaching a Computer to Defend: Machine Learning and InfoSec Analysts

The core of the PatternEx approach is a 5-step loop that marries the Infosec analyst's intuition with artificial intelligence.

Artificial Intelligence for InfoSec: The PatternEx Foundation

Introducing the founding vision of PatternEx: an AI platform leveraging both components needed to detect, defend & prevent attacks: machines & humans.