Autonomous Security: Using Big Data, Machine Learning and AI to Fix Today's Security
The evolution of the general technology landscape continues to influence the security and risk landscape across multiple enterprises. IoT, cloud, edge computing, containerization, automation, big data, AI--all influence a breadth of security challenges and opportunities for organizations. Security teams must address the emerging technology risk stack while ensuring these solutions work as intended to shape the intelligence, velocity and scale at which security-related decision points can be reached. This talk will give a sneak peek into technologies that will influence the security capabilities of the future and reshape the way organizations address challenges with current and emerging technologies. We will perform a live demo illustrating the concept of autonomous security and how it will reshape the current security landscape as we know it. Learning Objectives: Understand practical AI applications in building autonomous security systems. Be introduced to the concept of autonomous security and how it can transform the way organizations currently address security challenges. Identify the growth of SOAR (security orchestration, automation and response) and how to fine-tune it with a data and intelligence driven approach.
More Related Content
What's hot (20)
Similar to Autonomous Security: Using Big Data, Machine Learning and AI to Fix Today's Security (20)
More from Avinash Ramineni (10)
Recently uploaded (20)
Autonomous Security: Using Big Data, Machine Learning and AI to Fix Today's Security
- 2. Autonomous Security: How to use Big Data, Machine Learning and AI to build the Security of the future Lenin Aboagye Chief Security Architect , Kogni President, Limit+ & Avinash Ramineni Kogni
- 3. Agenda ● Today’s Security Landscape ● SAO & Risk Landscape ● Transitioning from SAO to SOAR ● Threat and Response Automation ● Beyond SOAR ● AI & ML History and Application ● Use-Case: Applying AI & ML in Data Centric Security
- 4. Today’s Security Landscape Forrester defines SAO as: Technology products that provide automated, coordinated, and policy-based action of security processes across multiple technologies, making security operations faster, less error-prone, and more efficient
- 5. SAO Addresses Half of Security Challenges Base: 1,700 Security technology decision-makers (1,000+ employees) Source: Forrester Data Global Business Technographics Security Survey, 2017
- 6. Exploding Threats - Exploding Tools - Exploding Costs = Exploding Breaches ● The increase is security budgets continue to have very limited success in addressing Exploding Costs ● Anthem =16 million, Google EU Fine, Facebook stock drop, Google+ Fine and discontinuation ● Security Tools and Technologies still built to address Legacy risks ● More claims and hype , many unproven when it comes to Big Data & AI/ML.. ● More difficult to fine-tune and make workable
- 7. Typical Incident Response Process - Manual
- 8. Typical Incident Response Process - Automated
- 9. Optimizing Security - Greater Efficiency
- 10. History of Autonomous Vehicles
- 11. Security Orchestration Automation and Response
- 12. Levels of Automation in Car Industry
- 13. Threat Automation Levels in Security
- 14. Beyond SOAR = Autonomous Security ● Predictive Intelligence-Anticipating the next breach , several days, months before it actually happens and automatically build and simulate Orchestration|Automation|Response ● Leverage information intelligence sharing where threats can be simulated and identified before they become vulnerabilities in your environment ● What if your risk was continuously predicted and your defenses consistently bolstered driven by Big data , ML and AI
- 15. Can we talk before we get breached?
- 16. Big Data->AI/ML->Deep Learning->Better Security AI-Human Intelligence exhibited by Machines Machine Learning-Using algorithms to parse data, learn from it, and then make a determination or prediction about something in the world. Deep learning -Machine learning method based on learning data representations, as opposed to task- specific algorithms. Learning can be supervised, semi-supervised or unsupervised
- 17. Future Concepts-Bringing Intelligence to Compute systems
- 18. Use-Case: Applying AI in Data Centric Security Build an extremely accurate , efficient and scalable solution to autonomously identify and protect sensitive data across enterprise workloads
- 20. Data Centric Security Gaps Legacy tools not built to address modern data challenges
- 21. Paradigm Shift | Data Centric Security
- 22. 4 Pillars of Data Centric Security ● What data do you have? ● Where is the data stored? ● Who is accessing the data? ● Whose data it is?
- 23. AI in Data Security ● Data Discovery ● Data Classification ● Document Recognition ● Behavioral Analytics ● Intelligent Data Protection ● Data Monitoring DATA CENTRIC SECURITY NEEDS AI to reduce false positives & automate remediation To properly protect data you have to properly identify and classify it
- 24. Automatic Data Discovery and Classification | Document Recognition
- 25. Automatic Data Discovery and Classification | Image Classification
- 26. Automatic Data Discovery and Classification | Automatic Pattern Learning Changing Data Patterns • Using Structured data to improve accuracy in unstructured data • Clustering and Association rule mining • Sensitive Data leakage detection • MinHash • Locality sensitive hashing • Bloom filter
- 27. Automatic Data Discovery and Classification | Graph Learning Disambiguate using Graph Learning Sydney Person? City?
- 28. Automatic Data Discovery and Classification | NLP
- 29. User and Entity Behavior Analytics | Anomaly Detection Monitoring for dangerous Data Access Patterns
- 30. Data Subject Catalog | CCPA & GDPR
- 31. AI / ML Based System | Continuous Learning
- 32. DEMO
- 33. QUESTIONS