Attacks/Breaches

3/25/2016
11:30 AM
Andrew Thomson
Andrew Thomson
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

How 4 Startups Are Harnessing AI In The Invisible Cyberwar

Cybersecurity startups are setting their scopes on a potential goldmine of automated systems they hope will be more effective than hiring human enterprise security teams.

There is growing concern across the board that we might be losing control over cybersecurity. The rapid changes in how we use technology to communicate and the increased number of connected devices means the points of entry or breach are growing. Because the pace of change has been so rapid, security hasn't adapted fast enough and hackers are taking full advantage. The traditional ways of dealing with cyber threats are beginning to look hopelessly inadequate.

This concern goes right to the top. Since entering the White House in 2009, President Obama has repeatedly called for improvements in cybersecurity and in December 2015 announced a new cybersecurity bill which allocated $14 billion of federal spending to further secure government information online. With global cyber spending expected to reach $170 billion by 2020, eyes are on the cybersecurity industry to see who can offer the best solutions.

But while the rest of the industry gets up to speed, a number of forward-thinking cybersecurity startups are attempting to harness the power of artificial intelligence to strengthen the defenses of the good guys. They are identifying, locating, and destroying potential threats in a manner that promises to be quicker and more effective than traditional methods.

Darktrace

Using machine learning techniques inspired by the self-learning intelligence of the human immune system, UK-based startup Darktrace tackles the challenge of detecting previously unidentifiable cyber threats in real time, and allows them to be eradicated more quickly than traditional approaches. Unlike traditional cybersecurity systems in which malicious threats and viruses are manually added to a list and then blocked, Darktrace uses a system based on machine learning and mathematics that can detect threats without any prior knowledge of what it is looking for, cutting out the need for human intervention. The groundbreaking new system was developed by engineers and mathematicians from the University of Cambridge.

Jask

JASK, a San Francisco-based startup, is building what it calls “the world’s first, predictive security operations center" for enterprise-level cybersecurity. The system aims to assist enterprises of all sizes keep ahead of sophisticated cyberattackers by moving past the limitations of existing solutions with proactive A.I security measures. With enterprises adding more and more software applications to their networks, and relying more heavily on cloud for saving data, JASK’s approach  “finds threats buried in data — all in an automated way that doesn’t require [companies] to throw more bodies at the problem,” according to Greg Martin, Jask founder and CEO.

Deep Instinct

Launched in November 2015, this Tel Aviv-based startup is using sophisticated deep learning algorithms to improve cybersecurity in the banking, financial, and government spheres in the U.S and Israel. The Deep Instinct engine is modeled on the human brain’s ability to learn. Once a brain learns to identify an object, it can identify it again in the future instinctively. Similarly, as Deep Instinct’s artificial brain learns to detect any type of cyber threat, its prediction capabilities become faster and more developed. The company recently partnered with FireLayers to create the first commercially available AI solution for enterprise cloud applications. The solution focuses on both detection and prevention, targeting the market for advanced persistent threats (APT) solutions.

harvest.ai

harvest.ai is approaching AI cybersecurity from a slightly different angle, based on the idea that to truly secure your defenses, you need to know your weak points and principle targets.

Founder and CEO Alexander Watson is no stranger to industrial espionage and cyberattacks, having worked as a field agent for the NSA for nearly a decade. The company has created AI-based algorithms that learn the business value of critical documents, monitor who is using or moving them, and detect and stop data breaches from targeted attacks and insider threats before data can be copied or stolen. harvest.ai’s MACIE system detects anomalies in how users access the network by analyzing changes in location of access, browsing habits, data transfers and other telemetry that can be harnessed from external systems. The system can also alert users if an important document is accidentally shared publicly on a cloud or network, or sent to the wrong person. 

Related content:

 

Interop 2016 Las VegasFind out more about security threats at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Click here for pricing and to register. 

Andrew Thomson is the CEO and Founder of VentureRadar, a big data and machine-learning company that discovers and ranks companies, making them visible to potential partners, customers, and investors. In recent months the company has been commissioned to do various scouting ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh!  They're watching... And you have a laptop?  
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11440
PUBLISHED: 2018-05-25
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
CVE-2013-3018
PUBLISHED: 2018-05-24
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
CVE-2013-3023
PUBLISHED: 2018-05-24
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.
CVE-2013-3024
PUBLISHED: 2018-05-24
IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
CVE-2018-5674
PUBLISHED: 2018-05-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...