Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
Cybersecurity is known for adding resource burdens to DevSecOps teams. But those burdens can be significantly reduced by the right cloud security solutions. Threat Stack’s RVP of Product and Engineering Chris Ford discusses how ThreatML, now with supervised learning, is reducing both false positives and false negatives in detection. He discusses how machine learning in application infrastructure protection can lead to reducing the burden on teams, while making certain you find the vulnerabilities and threats that you should find. In this snippet from a larger webinar called “Machine Learning Done Right“, he also discusses how using machine learning is automating a lot of the tuning, adding suppressions, and review of alerts in context through detection-in-depth.
Transcript About Workload Reduction through Supervised Learning
Chris Ford, RVP of Product and Engineering, Threat Stack , about Supervised Learning
“We sought to really create a solution that would meaningfully reduce the number of findings that security teams have to go through. And security teams are under stress. There are an increasing number of threats, and most security teams are relatively modest in size. So they don’t have a lot of time to spend sifting through findings. But you have to be willing to generate a finding if there is a real security issue. So we wanted to make sure that our approach was focused on very, very high efficacy; that is, alerting only on things that are real actionable threats, but also making sure that we have proper coverage of known and unknown behaviors.
There are also unknown behaviors, things that you haven’t thought to look for, but should be looking for. And that’s where machine learning can come into play, particularly anomaly detection using unsupervised learning.
And so it is supervised learning then that really ties together rules and anomaly detection in a nice way, in that you’ve got both of those approaches, and you’re using supervised learning to basically filter the output of both, so that you’re looking for what is predictable: What is it?
At the end of the day, you’re reducing both false positives and false negatives. So you’re reducing the burden on teams and you are finding the things that you should find. And because we’re using machine learning here, then you’re automating a lot of the tuning, adding of suppressions, and review of alerts.”
Learn how ThreatML with supervised learning reduces the burden on DevSecOps teams: contact us today.
Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
About the Author
Related Blog Posts
SaaS-first strategies reshape cloud-native application delivery
F5 NGINXaaS empowers cloud and platform architects to unify operations, reduce complexity, and deliver exceptional digital experiences at scale.
F5 ADSP Partner Program streamlines adoption of F5 platform
The new F5 ADSP Partner Program creates a dynamic ecosystem that drives growth and success for our partners and customers.
Accelerate Kubernetes and AI workloads with F5 BIG-IP and AWS EKS
The F5 BIG-IP Next for Kubernetes software will soon be available in AWS Marketplace to accelerate managed Kubernetes performance on AWS EKS.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.