Artificial Reality | The PatternEx Blog

Rules vs. Correlations vs. Models

If you’re considering acquiring an information security product or service that touts its AI capabilities (and you should be), then you need to understand the difference between a rule, a correlation, and a model. They are definitely not the same thing, and the difference matters for how effective the resulting security solution is.

Topics: SIEM AI infosec Threat Detection

RSA Conference Recap: the Synergies Between AI & IoT

Last month, the RSA Conference was held in San Francisco, its usual location. While attendance numbers for the conference have not been released yet, attendance apparently was not as large as last year’s record of some 43K+ attendees. And it did not seem as crowded as last year—good!

Topics: MSSP SOC infosec IoT

Finding Cryptocurrency Mining Malware

2017 was the year of ransomware. 2018 is already shaping up to be the year of cryptocurrency mining malware. Are you prepared for this threat?

Topics: AI infosec Threat Detection

Help for SOC Analysts - Autocorrelation

Security Information and Event Management (SIEM) solutions have been in use for almost two decades, but the promise of SIEMs and other log search solutions remains unfulfilled. e-Security, arguably the first SIEM company, was founded in 1999 in Vienna, Virginia.

SIEMs deliver analytics tools with search capability, but those tools remain limited to answering the questions, queries, and correlations that human analysts write by hand; they have not evolved beyond rule-based correlation. SIEM vendors claim increased complexity and sophistication for such correlations through wildcards, Boolean logic, regular expressions, and similar techniques. However, the SOC analyst still only receives answers to his or her specific query, and the correlation must be very specific for the signal-to-noise ratio to be acceptable.

As a result, SIEMs lead to alert overload, generating thousands or millions of false positives that analysts must manually filter, investigate, and act on. Besides being a huge drain on resources, this workflow often misses true risks (false negatives) in the deluge of alerts: a correlation narrow enough to keep the noise down is also narrow enough to miss the attack it was not written for.
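The trade-off described above, and the rule-versus-correlation distinction from the "Rules vs. Correlations vs. Models" post, can be made concrete with a small simulation. This is an added example, not PatternEx code and not any SIEM's rule language: it runs two hand-written detections over a handful of constructed SSH authentication log lines (made up for this example) against a constructed ground truth of which source IPs are attackers. The single-event rule alerts on every failed login; the stateful correlation alerts only when at least five failures from one IP inside a two-minute window are followed by a success from the same IP. The threshold, window, and log format are assumptions chosen for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample SSH auth log lines (made up for this example, not real data).
LOG_LINES = [
    "2018-03-01T10:00:01 sshd: Failed password for alice from 10.0.0.9",
    "2018-03-01T10:00:05 sshd: Accepted password for alice from 10.0.0.9",  # one typo, then success
    "2018-03-01T10:01:00 sshd: Failed password for root from 10.0.0.5",
    "2018-03-01T10:01:02 sshd: Failed password for root from 10.0.0.5",
    "2018-03-01T10:01:04 sshd: Failed password for root from 10.0.0.5",
    "2018-03-01T10:01:06 sshd: Failed password for root from 10.0.0.5",
    "2018-03-01T10:01:08 sshd: Failed password for root from 10.0.0.5",
    "2018-03-01T10:01:10 sshd: Accepted password for root from 10.0.0.5",   # brute force that succeeded
    "2018-03-01T10:02:00 sshd: Failed password for bob from 10.0.0.7",
    "2018-03-01T10:30:00 sshd: Failed password for bob from 10.0.0.7",      # two typos, far apart
    "2018-03-01T11:00:00 sshd: Failed password for admin from 10.0.0.8",
    "2018-03-01T11:00:01 sshd: Failed password for admin from 10.0.0.8",
    "2018-03-01T11:00:02 sshd: Failed password for admin from 10.0.0.8",
    "2018-03-01T11:00:03 sshd: Failed password for admin from 10.0.0.8",
    "2018-03-01T11:00:04 sshd: Failed password for admin from 10.0.0.8",
    "2018-03-01T11:00:05 sshd: Failed password for admin from 10.0.0.8",   # password spray that never succeeds
]

# Constructed ground truth for scoring: the source IPs that really are attackers.
MALICIOUS_IPS = {"10.0.0.5", "10.0.0.8"}

# Assumed log format; a real SIEM would carry a parser per log source.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd: (?P<outcome>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)$"
)


def parse(lines):
    """Turn raw log lines into event dicts; lines that do not match the format are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({"ts": datetime.fromisoformat(m["ts"]),
                       "outcome": m["outcome"], "user": m["user"], "ip": m["ip"]})
    return events


def rule_any_failure(events):
    """Single-event rule: one alert per failed login, no state, no context."""
    return [(e["ts"], e["ip"]) for e in events if e["outcome"] == "Failed"]


def correlation_bruteforce_then_success(events, threshold=5, window=timedelta(minutes=2)):
    """Stateful correlation: at least `threshold` failures from one IP within `window`,
    followed by a success from that same IP while those failures are still in the window."""
    alerts = []
    failures = defaultdict(list)  # ip -> timestamps of recent failures
    for e in sorted(events, key=lambda ev: ev["ts"]):
        recent = failures[e["ip"]]
        while recent and e["ts"] - recent[0] > window:  # expire failures older than the window
            recent.pop(0)
        if e["outcome"] == "Failed":
            recent.append(e["ts"])
        elif len(recent) >= threshold:
            alerts.append((e["ts"], e["ip"]))
            recent.clear()
    return alerts


def score(alerts, malicious_ips):
    """Split alerts into those on attacker IPs and those on benign IPs, and list attackers never alerted on."""
    fired = {ip for _, ip in alerts}
    return {
        "alerts": len(alerts),
        "true_positives": sum(1 for _, ip in alerts if ip in malicious_ips),
        "false_positives": sum(1 for _, ip in alerts if ip not in malicious_ips),
        "missed": sorted(malicious_ips - fired),
    }


def compare(lines=LOG_LINES, malicious_ips=MALICIOUS_IPS):
    """Run both detections over the same log and score each against the ground truth."""
    events = parse(lines)
    return {
        "rule": score(rule_any_failure(events), malicious_ips),
        "correlation": score(correlation_bruteforce_then_success(events), malicious_ips),
    }


if __name__ == "__main__":
    for name, result in compare().items():
        print(name, result)
```

On this input the broad rule raises 14 alerts, three of them on benign users, and the analyst has to triage all of them to find the two real attackers. The narrow correlation raises exactly one alert with no false positives, but it never fires on the spray from 10.0.0.8 because that attacker never logged in: the false negative the paragraph above warns about, produced by the very specificity that made the signal-to-noise ratio acceptable.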

Topics: SOC AI infosec Threat Detection

Results of PatternEx's Performance Testing for the Virtual Analyst Platform for SOCs

According to analysis of real customer data, PatternEx eliminates more than 90% of false positives and detects verified malicious phishing domains significantly faster than other products.

Topics: SOC AI infosec Virtual Analysts Supervised Learning

InfoSec Games: Whack-a-Mole or Advanced Chess?

Risky business

Ask any business and they’ll tell you: the concept and reality of ‘risk’ has gotten far riskier in the past few years. Even five years ago, business leaders thought about breach and fraud much differently than they do today. Their concerns used to focus on vendors double or triple billing, employees padding their expense reports, or an employee colluding with a vendor. But now, as recent front-page breaches indicate, there is the justifiable concern that fraud can damage your bottom line, while breaches can force executive or board turnover. As a result, InfoSec budgets are soaring: Gartner forecasts an all-time high in InfoSec spend of $75.4B in 2015.

Topics: AI infosec