By Mario Daigle, VP of Products
It’s been just about three months since the Interset team officially joined the Micro Focus family, and we could not be more excited. I knew the first few months past the acquisition would be busy, but I had no idea! Yet we know so much more excitement still lies ahead. A highlight on the horizon for us is the annual Micro Focus Cybersecurity Summit in Dallas, Texas, on June 11-13, where we will get a chance not only to meet with attendees and discuss their security challenges, but also share our team’s experience and point of view in several track session presentations.
At Interset, we’re big advocates for the power of data science and machine learning (ML) to help security teams detect and protect against difficult-to-find threats. As such, you’ll see that many of our sessions are dealing with exactly that. Here’s what you should expect to see from Interset:
Data Science 101 & 102
Data science is our bread and butter, so we feel it can be helpful for folks to understand the basics of the field if they’re interested in learning about the math behind our user and entity behavioral analytics (UEBA) and how it stacks up against alternatives. Over two sessions — “Introduction, principles, and implementation” and “Probabilistic approaches to anomaly detection for cybersecurity” — Interset CTO Stephan Jou will give attendees a practical introduction to data science and discuss how it can be used to enable powerful anomaly detection in your enterprise.
These sessions are going to be immensely helpful, and they will be very relevant for folks who are looking to attend our sessions on machine learning. Stephan has decades of experience in data science and analytics and a knack for storytelling, so you couldn’t ask for a better teacher on the subject.
Machine Learning in Cybersecurity
Our session titled “Machine learning in cybersecurity: One size doesn’t fit all” is one that I’ll actually have the privilege of presenting, and I’m excited because it’s a topic that I believe makes a world of difference in realizing success with AI (machine learning, specifically) in cybersecurity. Security teams today struggle to differentiate between the multitude of vendors who claim to use some form of machine learning. It’s considered a “must have” cybersecurity technology, and for good reason. When leveraged strategically and correctly, it can transform your threat detection efforts. Unfortunately, not all ML addresses every challenge equally, and not all security professionals fully understand that.
Solving real problems effectively means understanding the best use cases for different types of machine learning and learning the right questions to ask in order to determine the right tool for the job at hand. AI is powerful, but it’s not a cure-all, and it’s most effective when combined with the core strengths of human intelligence. In a later session, “Human and machine teaming in cybersecurity,” I’ll take a closer look at how humans and machines can and should work together in order to find the most practical, effective, and ethical solutions for threat detection.
UEBA and MITRE ATT&CK
There are roughly 450 machine learning models that power Interset’s UEBA and enable us to help organizations detect unknowns, such as insider threats or targeted outside attacks (i.e. advanced persistent threats). One of the ways in which we evaluate how well these models can protect against real threats is by mapping them to MITRE’s ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework — a collaborative knowledge base of tactics and techniques observed in real-world enterprise attacks. In our session titled “UEBA and the MITRE ATT&CK framework,” Interset VP of Customer Success Wayne Watson will explore ATT&CK to understand what techniques are most common and explain how we’re mapping our detection models to the framework.
These sessions will be taking place on Wednesday, June 12. You’ll also get to see more from Interset on Thursday, June 13. My colleague Paul Reid — a technology strategist with decades of cybersecurity expertise — will be showcasing a few recent case studies of real-world organizations leveraging Interset UEBA for threat detection. He will also explore a particularly exciting use case for our analytics: detecting extremely sophisticated Red Team attacks. His sessions — “2018 success stories: Using machine learning to solve real-world security problems” and “Finding Red Team attacks with behavior” — are going to be must-sees!
Needless to say, it’s going to be a busy event. We’re thrilled to be participating in this year’s Summit, and we hope to meet you there. If you’d like to schedule some time to connect at the show or speak with us beforehand, please send an email to firstname.lastname@example.org. See you in June!
Check out all the sessions on the Analytics and Machine Learning track. We hope to see you there!
Wednesday, June 11
10:30 a.m. – 11:25 a.m. | Data science 101: Introduction, principles, and implementation
12:30 p.m. – 1:25 p.m. | Data science 201: Probabilistic approaches to anomaly detection for cybersecurity
1:35 p.m. – 2:30 p.m. | UEBA and the MITRE ATT&CK framework
2:55 p.m. – 3:50 p.m. | Machine learning in cybersecurity: One size doesn’t fit all
4:00 p.m. – 4:55 p.m. | Human and machine teaming in cybersecurity
Thursday, June 12
9:20 a.m. – 10:15 a.m. | 2018 success stories: Using machine learning to solve real-world security problems
10:35 a.m. – 11:30 a.m. | Finding Red Team attacks with behavior