Next Gen Security: 5 Myths Busted
Stephen Cobb | Senior Security Researcher
Stephen Cobb has been researching computer security and data privacy for 30 years, helping companies, consumers, and government agencies to manage cyber risks, with a focus on emerging threats and policy issues. Cobb holds a master’s in security and risk management and has been a CISSP since 1996. He heads a US security research team for ESET, one of the world’s largest security software vendors.
Stephen Cobb, Sr. Security Researcher, ESET North America
TRADITIONAL CARS DON’T WORK!
AeroMobil.com
YOU NEED A NEX GEN CAR!
Nex Gen Security Myth #5:
Nex Gen security products were the first to use AI
1990s: Naive Bayes spam filtering (sold to Symantec)
2016: “The first company to introduce artificial intelligence to cyber security” - Cylance
1991: Computer virus identification by neural networks – Daniel Guinier (Academia)
1996: NN for boot sector viruses – IBM (first practical use in the security industry)
1997: Detection of Macro Viruses – ESET
Machine Learning in ESET
Automated expert system for mass processing
Algorithm placing samples on a “cybersec map”
Neural Networks in ESET products
DNA Detections (Online ML)
1998, 2005, 2006, 2012
ESET Machine Learning flow
Nex Gen Security Myth #4:
AI and Machine Learning are a silver bullet
MaliciousAIreport.com
“the pace of progress in AI suggests the likelihood of cyber attacks leveraging machine learning capabilities in the wild soon, if they have not done so already”
Mimicry is just one way to defeat machine learning
Nex Gen Security Myth #3:
False positives are no big deal
• False positives ARE a big deal
• Some argue that, because some bad stuff is bound to get onto your systems, you might as well get good at threat hunting then crank your detection up to 11
• Yes, threat hunting is important (check out ESET EDR)
• But it is resource heavy and not everyone has the resources
• So use a product with low false positives AND high detection
To reduce FPs your AI/ML needs a large database of correctly labelled samples.
How about 30 years’ worth?
Nex Gen Security Myth #2:
The old, established security vendors can’t keep up with the nex gen newcomers
• Did you miss the bit about the 30-year-old vendor using ML last century?
• Do you mean keep up with the advertising spend, or keep up with evolving threats?
• How? Leverage a multi-layered defense, plus vast experience, across a complete security eco-system
UEFI Scanner
Network Attack Protection
Reputation and Cache
In-product Sandbox
DNA Detections
Advanced Memory Scanner
Ransomware Shield
Exploit Blocker
Botnet Protection
Script Scanner (AMSI)
LiveGrid® Protection
Device Control
WannaCry
• Stopped by ESET
• Before it started
• No updates needed
Not everyone saw this
Or this
NotPetya
• Stopped by ESET
• And we found where it was coming from
• Helped shut it down
Nex Gen Security Myth #1:
The fact that security breaches still happen means security software doesn’t work
• We bought your software but we still got infected
• Did you install it, correctly, on all your endpoints?
• Did you configure it so people can’t turn it off?
• Does it alert you if people do turn it off?
• Do your users know how to respond to alerts?
• This is true for any gen
Nex Gen Security: 5 myths busted
1. The fact that security breaches still happen means security software doesn’t work
2. The old, established security vendors can’t keep up with nex gen players
3. False positives are no big deal
4. AI and Machine Learning are a silver bullet
5. Nex Gen security products were the first to use AI
NexGen MSPs are NOT a myth
You are the future of technology deployment
• We all benefit from safe and secure technology
• We can achieve that if we form the right partnerships
• Look for security partners with a history of innovation and a solid history of delivering reliable solutions
• Solutions that are supported with passion by partners with integrity and a passion for security
www.eset.com | www.welivesecurity.com
Stephen Cobb, Senior Security Researcher
@zcobb