Published by Shinta Kusnadi. Modified over 5 years ago.
1
Machine Learning: - A cybersecurity FRIEND to beat the bad guys -
Fred Streefland, Cyber Security Strategist EMEA
Thank you for the opportunity to present our vision on machine learning. In the context of the title of this event, we’ll see machine learning as a positive element of cyber security.
2
AGENDA
How to secure an organization?
Introduction
Speaker
Palo Alto Networks
AI or Machine Learning?
The challenges of today’s world
Machine Learning in Cyber Security (Palo Alto Networks’ approach)
“The non-technical/pragmatic approach”
Fred Streefland, Sr. Product Marketing Manager EMEA
This is the agenda.
4
INTRODUCTION (SPEAKER)
This is my background
5
INTRODUCTION (PALO ALTO NETWORKS)
European presence
85 of Fortune 100 rely on Palo Alto Networks
48,000+ customers in 150+ countries
Europe, Middle East and Africa (EMEA) headquarters in Amsterdam, since 2013.
Nearly 70 Palo Alto Networks Academy Program partners and education institutions in more than 18 EU Member States
63% of the Global 2K are Palo Alto Networks customers

Palo Alto Networks is growing fast, and many of us are not aware of how large we are.
85 of the Fortune 100 companies use our products and trust us.
63% of the Global 2000 are customers.
Now we have over 48,000 global customers in more than 150 countries. They are from all verticals: healthcare, retail, finance, manufacturing, government …
We are consistently rewarded and recognized for our superior customer satisfaction and support.
Though we are a relatively young company, we have a strong European presence and are committed to cybersecurity in the EU. For example:
Europe, Middle East and Africa headquarters in Amsterdam, since 2013. Note you’re based in AMS, along with hundreds of colleagues (don’t give exact #).
Some notable EU customers include Austrian Airlines, OSRAM, Schauinsland Reisen, Rompetrol.
We work with computer emergency response teams/computer security incident response teams (CERTs/CSIRTs; the terms are used interchangeably in Brussels) in Europe to share cyberthreat intelligence to better prevent and counter cyber adversaries; for example, we work with CERT-EU.
Nearly 70 Palo Alto Networks Academy Program partners among technical and other educational institutions in more than 18 EU member states, as of a few months ago.

More Details
Founded in 2005; first customer shipment in 2007
More than 48,000 customers in 150+ countries
Over 85 of the Fortune 100 and 63% of the Global 2000 rely on us
Ranked an enterprise firewall market leader by Gartner six times
Excellent global support, awarded by J.D. Power and TSIA
Experienced team of more than 4,900 employees

2015, 2016 & 2017 J.D. Power Certified Assisted Technical Support Program
Palo Alto Networks, Inc. has been recognized by J.D. Power for three consecutive years for providing “An Outstanding Customer Service Experience” for its Assisted Technical Support.
6
ARTIFICIAL INTELLIGENCE? MACHINE LEARNING?
Are we talking about Machine Learning or Artificial Intelligence?
7
Artificial Intelligence: software that becomes aware of its own existence and can make thoughtful decisions. (Rick Howard, CSO Palo Alto Networks)
Machine Learning: a software-development technique used to teach a computer to do a task without explicitly telling the computer how to do it. (Sam Debrule, co-founder of the Voice of Machine Learning journal)
Let’s start with ‘setting the scene’ by explaining what I see as the difference between AI and Machine Learning. Machine Learning is normally seen as a subset of AI. Developers use big data techniques to search through large piles of data, looking for patterns that a human would never notice. In other words, we teach the program to teach itself, and big data is the key. This technique would not work without a very large collection of threat data. As an example, Palo Alto Networks uses machine learning to discover malicious files: files that bad guys send to victims in order to compromise their systems.
9
INSTRUMENTED & INTERCONNECTED WORLD
10
COMPLEX ORGANIZATIONS
11
DEMANDING CITIZENS
12
COMPLIANCE & REGULATIONS
13
DIVERSE, EVOLVING AND SOPHISTICATED THREAT
HIGHLY AUTOMATED ADVERSARY
14
SOPHISTICATED MALWARE SPREADING
New infection every 3 seconds
After…
1 minute = 2,021 instances
15 minutes = 9,864 instances
30 minutes = 45,457 instances
Malware spreads extremely quickly if left unchecked. With WildFire, we’ve seen the same piece of malware spread rapidly:
2,021 instances of the same malware seen after just 1 minute
9,864 instances seen after just 15 minutes
And 45,457 instances seen after 30 minutes
…You can just imagine how prolific this single piece of malware becomes after 24 hours.
Organizations cannot afford to wait to manually mitigate threats.
Do you know how fast WannaCry moved? From Friday morning 12th May to Friday evening 12th May: WannaCry was rooted in more than 150 countries and it had affected more than machine (98% had Windows 7)
The criminals behind WannaCry were able to string together an amateurish piece of ransomware, an NSA-developed exploit made available to anyone inclined to use it (thanks to the Shadow Brokers leak), an easy-to-use framework for deploying that exploit (also included in the leak), and a simple worm component to launch the biggest ransomware outbreak in history. This wasn't the work of criminal masterminds. It wasn't even that sophisticated or advanced. And the damage it caused was still staggering.
15
HIGHLY AUTOMATED ADVERSARIES
AV-TEST (2017): More than 9 million new instances of malware are seen per month (!)
Ponemon (2018): A huge increase in fileless attacks: in 2018, more than 35% of all attacks are fileless (exploits, macros, etc.), which means that the user doesn’t have to download a (malicious) file!
16
CHANGE CYBER SECURITY
18
SECURITY OPERATING PLATFORM
WildFire, Threat Prevention, URL Filtering, AutoFocus, Logging Service, Magnifier, MineMeld
CLOUD-DELIVERED SECURITY SERVICES
Distributed users, apps, and data | Delivers flexibility and speed; increases risk
NETWORK SECURITY | ADVANCED ENDPOINT PROTECTION | CLOUD SECURITY
19
WILDFIRE
[Diagram: NGFWs, Endpoints and Cloud exchange data with WildFire, which combines Machine Learning, Dynamic Analysis, Static Analysis and Bare Metal Analysis]
1 NGFWs, Aperture, and Traps send unknowns or suspicious files and links to WildFire
2 WildFire analyzes the unknown, renders a verdict, and shares threat intelligence
3 Automatically reprogram NGFW and endpoints to protect against new threat
This slide gives a visual demonstration of how our shared threat intelligence works. To simplify things we are only including NGFW and Traps in this diagram. It’s important to keep in mind that this is also happening across the entire Palo Alto Networks Next Generation Security Platform. You can see that the Machine Learning element plays an essential role in this process! With WildFire, more than customers receive an automated verdict within about 5 minutes and a prevention is automatically developed. With our platform, we generate 1.5 million new preventive measures a week!
20
TRAPS
WildFire | Phone/Tablet | Laptops | Desktops | Servers | Cloud
21
MAGNIFIER behavioral analytics
THREAT DATA & LOGS | Machine learning
Save analyst time | Speed insight | Find stealthiest threats
NETWORK | ENDPOINT | CLOUD
Magnifier Behavioral Analytics empowers organizations to quickly find and stop the stealthiest network threats. By analyzing rich network, endpoint and cloud data with machine learning, Magnifier accurately identifies targeted attacks, malicious insiders, risky behavior, and endpoints compromised with malware. Security analysts can accelerate investigations by automatically examining endpoints and getting the user and device context they need to confirm attacks quickly. And as a cloud-delivered security service, organizations gain scalability, agility and ease of deployment.
Magnifier combines the most important elements of three new behavioral-based security technologies, namely Network Traffic Analysis, User and Entity Behavior Analytics and Endpoint Detection and Response. We’re the only vendor to combine all of these elements in a single integrated solution and this allows us to catch threats across the attack lifecycle and to streamline investigations.
Prevent costly breaches with:
Behavioral analytics built expressly for our rich network, cloud and endpoint data
Machine learning at cloud scale
Integrated threat analysis and rapid network-level response
Automate detection and accelerate response to free up analysts to focus on threats that matter
Simplify deployment
Avoid costly on-premise log storage
21 | © 2018 Palo Alto Networks, Inc. All Rights Reserved.
22
CYBER SECURITY
23
Thank you for the attention!