Five Tools That Use AI for Cybersecurity

-

AI is being employed by attackers, such as within Deeplocker malware, which avoided a tight cyber security mechanism by utilising AI models to attack target hosgts using face recognition, geolocation and speech recognition.

This attack speaks volumes about the huge role of AI in cyber security domains. To counter attack and defend, AI for cybersecurity has become necessary.

Large and small organizations and even startups invest heavily in building AI systems to analyze large data and in turn, help their cybersecurity professionals to identify possible threats and take precautions or immediate actions to resolve them.

Phishing, one of the simplest and most common social engineering cyber attacks is now easy to master by attackers. Many tools are available on the dark web to help anyone get phishing. In such conditions, it is very important that organizations take the necessary precautions to safeguard their information castle. What is better than AI?

Here are five tools that employ AI for cybersecurity:

TAA tool (Symantec’s Targeted Attack analytics):

This tool was developed by Symantec and is used to uncover hidden and targeted attacks. It applies AI and machine learning to the processes, knowledge and capabilities of Symantec security experts and researchers.

The TAA tool was used by Symantec to fight a Dragonfly 2.0 attack last year. This attack targeted several energy companies and tried to gain access to operational networks.

The TAA tool analyzes incidents in the network against incidents found on their Symantec threat data lake.

TAA reveals suspicious activities at each endpoint and compiles the information to determine whether each action indicates hidden evil activity. The TAA tool is now available for Symantec Advanced Threat Protection (ATP) customers.

X Sophos Intercept Tool:

The tool, the Intercept X, uses deep learning neural networks that work similar to the human brain.In 2010, the US Defense Advanced Research Project Agency (DARPA) created their first Cyber Genome Program to uncover ‘DNA’ of malware and other cyber threats, which led to the creation of algorithms on the Intercept X.

Before the file is executed, the Intercept X can extract millions of features from the file, conduct in-depth analysis, and determine whether the file is benign or dangerous in 20 milliseconds. This model is trained about real-world feedback and sharing two-way threat intelligence through access to millions of samples provided by data scientists. This results in a high level of accuracy for existing malware and zero-day malware, and a lower false positive level. Intercept X uses behaviour analysis to limit new ransomware and boot-record attacks. Intercept X has been tested on several third parties such as the NSS laboratory and received a high score. It was also proven in VirusTotal since August 2016.

Darktrace Antigena:

Darktrace Antigena is Darktrace’s active self-defence product. Antigena extends Darktrace’s core capabilities to detect and replicate digital antibody functions that identify and neutralize threats and viruses.

Antigena utilizes Darktrace’s Enterprise Immune System to identify suspicious activities and respond in real-time, depending on the severity of the threat.

With the help of the underlying machine learning technology, Darktrace Antigena identifies and protects against unknown threats as they develop. This does this without the need for human intervention, prior knowledge of attacks, rules or signatures. With such automatic response capabilities, organizations can respond to threats quickly, without disrupting normal business activity patterns.

The Darktrace Antigena module helps manage user and machine access to the internet, messaging protocols and machine and network connectivity through various products such as Antigena Internet, Antigena Communication, and Antigena networks.

IBM QRadar Advisor:

QRadar Advisor IBM uses IBM Watson technology to fight cyber attacks. Using AI to automatically investigate indicators of all compromises or exploits. QRadar advisors use cognitive reasoning to provide critical insight and further accelerate the response cycle. With the help of IBM QRadar Advisor, security analysts can assess threat incidents and reduce their risk of losing.

IBM QRadar Advisor features

Automatic incident investigation

The QRadar advisor with Watson investigated threat incidents by mining local data using what could be observed in the incident to gather a broader local context. This then quickly assessed the threat about whether they had passed a layered or blocked defence.

Give smart reasons

QRadar identifies possible threats by applying cognitive reasoning. It connects threat entities associated with genuine incidents such as malicious files, suspicious IP addresses, and malicious entities to attract relationships between these entities.

High priority risk identification

With this tool, one can get critical insights about an incident, such as whether the malware has been executed or not, with supporting evidence to focus your time on the threat of higher risks. Then make a quick decision about the best response method for your business.

Key insights about users and important assets

QRadar IBM can detect suspicious behaviour from people through integration with the User Behavior Analysis Application (UBA) and understand how certain activities or profiles affect the system.

Read the source article at TechiExpert.



from AI Trends http://bit.ly/2FukVbN
via IFTTT

Comments

Post a Comment

Popular posts from this blog

Underwater Autonomous Vehicles Helping Navy Get More for the Money 

-
Image
By AI Trends Staff     As the  US Navy  strives to get to a 355-ship fleet by 2034, part of a 30-year plan the Navy outlined in 2019, it is finding it economical to use underwater autonomous vehicles. They meet many of the requirements of larger submarines at a fraction of the cost.     For example, the Navy awarded Boeing a $43-million contract to build four Orca Extra Large Unmanned Undersea Vehicles (XLUUVs) last year, described in a release from  USNI News .      Boeing based its winning Orca XLUUV design on its Echo Voyager unmanned diesel-electric submersible. The 51-foot-long submersible is launched from a pier and can operate autonomously while sailing up to 6,500 nautical miles without being connected to a manned mother ship, according to the Navy.   In military spending terms, the versatility of the Orca at the price is “fairly unheard of in military spending,” according to an account in  The National Interest . The nearest equivalent was cited as the Navy’s Littoral Com
Read more

Canada regulator seeks information from public on Rogers-Shaw deal

-
(Reuters) - A Canadian regulator on Tuesday asked for information from the public on telecom company Rogers Communications Inc's planned C$20 billion ($16 billion) purchase of Shaw Communications Inc to check for competition concerns. The deal announced in March to create Canada's second-largest cellular and cable operator has attracted regulatory scrutiny. The Competition Bureau said in August it obtained court orders to advance its review. The regulator on Tuesday asked market participants and Canadians to come forth with information that could assist the regulator's probe on whether the deal will reduce or prevent competition. The Competition Bureau said its review was ongoing and no conclusions have been made. ... Read More on Datafloq
Read more