The Teneo Group

Is Machine Learning Changing the Security Industry?

I was at dinner last night, and the topic of machine learning (ML) came up. The question was whether or not it will change the security industry. The answer, of course, is yes. Machine learning has been in the works for years. What do you think heuristics are all about? Every major player in the security arena is betting on ML, whether they call it that or not. They all want to automate catching the unknown, or to be the best at the number of unknown malware samples they can find. Here is an example of one of the best.

There are many companies out there that focus on breach detection and have a specific product to do it. They range from big guys like IBM, Cisco, Tipping Point, Exabeam, and Intel down to niche guys like Kerio, Ziften, and SpectorSoft. What I find particularly interesting, however, is that they are all going about it in the same way. It’s as if they all went to the same school, were taught by the same teachers, and learned the same things. They all look for known bad actors and variations of them, and they alert when they see something.

A new and refreshing idea that I saw is knowing what “known good” looks like. I have been preaching this to my customers for years, but I think LightCyber takes it to the next level. If the bad guys can develop new exploits and then test them against known working detection systems, who do you think has the upper hand? It is this way and has been this way since the advent of good versus bad. How many hashes, domains, reputations, and lists of IPs does it take? Eventually, you are overloaded with data, and it is no longer useful.

What LightCyber is doing that I find refreshing is creating “known good” user patterns. They understand what good looks like, and where there is a deviation they create an alert, and not just at the log level. Here is a little bit more about it. There is a white paper here, but you have to enter your information. Also, just to be clear, Teneo is in no way affiliated with LightCyber today. However, their approach is very refreshing.

