Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
Cybersecurity is known for adding resource burdens to DevSecOps teams. But those burdens can be significantly reduced by the right cloud security solutions. Threat Stack’s RVP of Product and Engineering Chris Ford discusses how ThreatML, now with supervised learning, is reducing both false positives and false negatives in detection. He discusses how machine learning in application infrastructure protection can lead to reducing the burden on teams, while making certain you find the vulnerabilities and threats that you should find. In this snippet from a larger webinar called “Machine Learning Done Right“, he also discusses how using machine learning is automating a lot of the tuning, adding suppressions, and review of alerts in context through detection-in-depth.
Transcript About Workload Reduction through Supervised Learning
Chris Ford, RVP of Product and Engineering, Threat Stack , about Supervised Learning
“We sought to really create a solution that would meaningfully reduce the number of findings that security teams have to go through. And security teams are under stress. There are an increasing number of threats, and most security teams are relatively modest in size. So they don’t have a lot of time to spend sifting through findings. But you have to be willing to generate a finding if there is a real security issue. So we wanted to make sure that our approach was focused on very, very high efficacy; that is, alerting only on things that are real actionable threats, but also making sure that we have proper coverage of known and unknown behaviors.
There are also unknown behaviors, things that you haven’t thought to look for, but should be looking for. And that’s where machine learning can come into play, particularly anomaly detection using unsupervised learning.
And so it is supervised learning then that really ties together rules and anomaly detection in a nice way, in that you’ve got both of those approaches, and you’re using supervised learning to basically filter the output of both, so that you’re looking for what is predictable: What is it?
At the end of the day, you’re reducing both false positives and false negatives. So you’re reducing the burden on teams and you are finding the things that you should find. And because we’re using machine learning here, then you’re automating a lot of the tuning, adding of suppressions, and review of alerts.”
Learn how ThreatML with supervised learning reduces the burden on DevSecOps teams: contact us today.
Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...