As the world enhances its approach to dealing with a growing number of cybersecurity threats, the utilization of artificial intelligence to monitor the security surface has grown in interest and application. AI however comes in many forms and models. In this blog we explore the benefits of self-learning AI systems.
To date, most artificial intelligence applications have been trained through learning data sets on a subject along with its accompanying rules and exceptions. Thousands of examples are used until the AI begins to make accurate decisions. The results have been pretty powerful given that for instance, social media platforms like Facebook can fairly accurately pick out an individual from a group photo. However, this kind of machine learning has its drawbacks. The primary one is that this approach can only be used for situations with a clear outcome. It’s relatively straightforward to pick out an individual from an image. The question becomes, how does AI deal with situations with unclear outcomes? Outcomes that are being intentionally obscured?
In a world of cybercriminals that continually develop obscure threats, this poses a legitimate security concern. AI may be able to detect preexisting threats through supervised machine learning but how does it fare when it comes to totally new threats and insider threats in particular? How does AI spot malicious activity amid the large amount of legitimate activity?
Self-learning AI leverages the above concepts of using real-life experience to develop a deep understanding of a particular subject area.
Self-learning AI learns from the environment it operates in. It identifies the patterns of your business environment, developing its own understanding of it. In its simplest form, it ‘learns on the job’. This means that Self learning AI can identify and stop malicious anomalies in your business environment, including those that it had no idea existed prior to encountering them. This is the beauty of self-learning AI, it is essential in the mitigation of zero-day attacks.
In a time where new cyberthreats are growing at a rate faster than the human capacity required to defend them, human cyber-security efforts are lagging behind. Self-learning AI presents a giant leap in the development of autonomous cybersecurity in that it learns and thinks for itself. Self-learning AI not only identifies new unknown threats, but through autonomous decision-making, it decides on the appropriate course of action to take to neutralize the threat with minimal disruption to your business environment.
Self-Learning AI is able to predict what the next threat might look like because it continually recalculates threat levels in light of new data and discerns significant patterns in data flows indicative of attacks. One could assume that with more devices and data in an environment, the more difficult it becomes for the AI to learn your environment. On the contrary, Self-learning AI thrives with complexity. The more data, the merrier! This is crucial to adapt to the new tools, workflows, and security strategies that modern businesses are continually implementing.
Another hurdle that AI has faced in the past is that of having to collect, cleanse and migrate data to a central repository before proceeding with the learning process. Those days are past us. DarkTrace’s Self-learning AI is installed in your existing environment and begins to learn immediately. Informed by an evolving understanding of your business over time, Self-learning AI neutralizes the full range of threats inside your network.
This technology is so powerful that it detected and flagged unusual activity whilst it was being trialled in passive mode at a pharmaceutical manufacturing institute in Latin America. DarkTrace’s Director of Threat Hunting, Max Heinemeyer, details how DarkTrace’s Autonomous Response technology, Antigena, detected unusual activity from a server following external remote connectivity. DarkTrace Antigena detected an unusual connection over RDP and diagnosed the IP to be completely unknown to the environment. It further flagged the file transfers that were taking place as out of the ordinary patterns for the environment. It is key to note that all other existing security measures had been by-passed at this stage. Running in passive mode, DarkTrace Antigena fired a number of high-confidence alerts to warn the security team, ultimately preventing a disastrous situation.
DarkTrace is the global leader in fighting cyber-disruption through Self-learning AI. The cyber-security game was always one of playing catch up. DarkTrace’s suite of Self-learning AI products are a complete game changer and have made it an arms race. One which DarkTrace is winning.
DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we, provide complex solutions for any size business, including Enterprise and SME markets across the African continent.
Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software.
We are fully committed to our business partners. Channels & vendors success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presale, logistic, marketing and financial support that create the ultimate platform to accelerate our business partners’ success.