Future of Cybersecurity: Network Detection and Response - Using ML Technology

Future of Cybersecurity: ThreatWarrior


Like many others (and probably most of you reading this), over the last year, we’ve observed a significant increase in the number of cyber attacks and a growing diversity in cyber threat types. What’s more, cyber attacks don’t discriminate – commercial industries and government institutions alike are common victims of cyber attacks, creating a complex and multifaceted cybersecurity problem. Our population’s dependence on sophisticated technology continues to grow and, at the same time, the threat environment continues to evolve in a uniquely dynamic and daunting way. The future of cybersecurity depends on solutions that can keep pace with the evolving threat environment.

Just how secure is your cybersecurity?

Concerned by a future of threats and data breaches, we began thinking about ways to apply our machine learning and behavioral analysis experience toward solving the problem. We realized that, while necessary, traditional, reactive perimeter-based approaches to cybersecurity are insufficient, and that artificial intelligence-driven network defense would provide a more resilient security posture.

We approached the problem with the mindset that your systems would be compromised. It’s just too easy. Exploiting security flaws, social engineering, zero-day attacks, insider threats… if someone knows what they’re doing, they can probably infiltrate your network. When they do, most threats are not discovered for at least 150 days, if ever. That’s more than enough time to extract any data the attacker needs to cause harm. What’s more, your data integrity is now compromised – any software corruption, data changes or malware have been immortalized into the organization’s long-term backups. The costs of cleanup and potential impact to reputation can be tremendous.

The Future of Cybersecurity is ThreatWarrior™: Cyber Immune Response™

When tackling the issue of persistent cyber attacks, we used the human immune system as a guide. The human body has not been exposed to all the viruses in the world, and viruses are constantly mutating. But your body knows you; it knows itself. It knows what’s ‘normal’ and it generally identifies compromises and mobilizes against the threat.

For example, if you catch a common cold, you might tell someone that you “may be coming down with something.” Your body has already detected an anomaly within, and you can feel that something is wrong. This triggers your immune system to respond to the threat, releasing antibodies to seek and destroy pathogens.

We wanted our solution to provide that same response and trigger that same sense of “something is not right” that your body experiences. That’s why ThreatWarrior was designed to mimic human immune system functions, providing what we call the Cyber Immune Response™ that delivers rapid threat identification, accelerated response and threat prevention capabilities.

So what is ThreatWarrior?

ThreatWarrior is the first cybersecurity solution to utilize unsupervised deep neural networks to guard against complex cyber attacks. It is modeled after the human immune system, delivering a Cyber Immune Response™ to alert to cyber threats in real time. It uses artificial intelligence, machine learning and unsupervised deep neural networks to observe network traffic, learn ‘normal’ behavior, and predict and detect cyber attacks. If the future of cybersecurity contains ever-evolving threats, then ThreatWarrior is the system to detect them.

The solution is provided as an appliance, installed locally within a user’s data center. It seamlessly plugs into the network, learning and monitoring without any disruption to existing business operations.

The system can detect anomalies caused by zero-day attacks and other generally unknown activities that compromise networks using techniques yet to be discovered and patched by vendors. While our initial approach was to solve external threat detection, we quickly realized that in modern businesses, it’s almost impossible to distinguish “internal” and “external.” Our technology environments are so complex and so intertwined that “inside” becomes “outside” and vulnerabilities are opened up everywhere. Learn more about ThreatWarrior’s network detection and response cybersecurity solution.

Plus, what’s the use of external threat detection if the threat is already inside? Our unique, multi-engine approach enables ThreatWarrior to discover insider threats as well. Whether it’s cyber espionage carried out by employees or contractors, software being used that violates corporate compliance and policies, data transfers outside the organization, system hacking or any other unusual activity, we’ll catch it.

Through the WOPR dashboard (Warnings, Oversight, Protection & Response – yes, Professor Falken, it’s a WarGames reference), a user can see information on the number of threats detected, view the health of the system, and learn about the people, devices and network to determine what ‘normal’ behavior is. An amazing 3D visualizer (created using game visualization) provides a cyber analyst with real-time views of the network, traffic movement, threat events, compliance enforcement and much more.
