Attacks/Breaches

3/25/2016
11:30 AM
Andrew Thomson
Andrew Thomson
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

How 4 Startups Are Harnessing AI In The Invisible Cyberwar

Cybersecurity startups are setting their scopes on a potential goldmine of automated systems they hope will be more effective than hiring human enterprise security teams.

There is growing concern across the board that we might be losing control over cybersecurity. The rapid changes in how we use technology to communicate and the increased number of connected devices means the points of entry or breach are growing. Because the pace of change has been so rapid, security hasn't adapted fast enough and hackers are taking full advantage. The traditional ways of dealing with cyber threats are beginning to look hopelessly inadequate.

This concern goes right to the top. Since entering the White House in 2009, President Obama has repeatedly called for improvements in cybersecurity and in December 2015 announced a new cybersecurity bill which allocated $14 billion of federal spending to further secure government information online. With global cyber spending expected to reach $170 billion by 2020, eyes are on the cybersecurity industry to see who can offer the best solutions.

But while the rest of the industry gets up to speed, a number of forward-thinking cybersecurity startups are attempting to harness the power of artificial intelligence to strengthen the defenses of the good guys. They are identifying, locating, and destroying potential threats in a manner that promises to be quicker and more effective than traditional methods.

Darktrace

Using machine learning techniques inspired by the self-learning intelligence of the human immune system, UK-based startup Darktrace tackles the challenge of detecting previously unidentifiable cyber threats in real time, and allows them to be eradicated more quickly than traditional approaches. Unlike traditional cybersecurity systems in which malicious threats and viruses are manually added to a list and then blocked, Darktrace uses a system based on machine learning and mathematics that can detect threats without any prior knowledge of what it is looking for, cutting out the need for human intervention. The groundbreaking new system was developed by engineers and mathematicians from the University of Cambridge.

Jask

JASK, a San Francisco-based startup, is building what it calls “the world’s first, predictive security operations center" for enterprise-level cybersecurity. The system aims to assist enterprises of all sizes keep ahead of sophisticated cyberattackers by moving past the limitations of existing solutions with proactive A.I security measures. With enterprises adding more and more software applications to their networks, and relying more heavily on cloud for saving data, JASK’s approach  “finds threats buried in data — all in an automated way that doesn’t require [companies] to throw more bodies at the problem,” according to Greg Martin, Jask founder and CEO.

Deep Instinct

Launched in November 2015, this Tel Aviv-based startup is using sophisticated deep learning algorithms to improve cybersecurity in the banking, financial, and government spheres in the U.S and Israel. The Deep Instinct engine is modeled on the human brain’s ability to learn. Once a brain learns to identify an object, it can identify it again in the future instinctively. Similarly, as Deep Instinct’s artificial brain learns to detect any type of cyber threat, its prediction capabilities become faster and more developed. The company recently partnered with FireLayers to create the first commercially available AI solution for enterprise cloud applications. The solution focuses on both detection and prevention, targeting the market for advanced persistent threats (APT) solutions.

harvest.ai

harvest.ai is approaching AI cybersecurity from a slightly different angle, based on the idea that to truly secure your defenses, you need to know your weak points and principle targets.

Founder and CEO Alexander Watson is no stranger to industrial espionage and cyberattacks, having worked as a field agent for the NSA for nearly a decade. The company has created AI-based algorithms that learn the business value of critical documents, monitor who is using or moving them, and detect and stop data breaches from targeted attacks and insider threats before data can be copied or stolen. harvest.ai’s MACIE system detects anomalies in how users access the network by analyzing changes in location of access, browsing habits, data transfers and other telemetry that can be harnessed from external systems. The system can also alert users if an important document is accidentally shared publicly on a cloud or network, or sent to the wrong person. 

Related content:

 

Interop 2016 Las VegasFind out more about security threats at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Click here for pricing and to register. 

Andrew Thomson is the CEO and Founder of VentureRadar, a big data and machine-learning company that discovers and ranks companies, making them visible to potential partners, customers, and investors. In recent months the company has been commissioned to do various scouting ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Kelly Sheridan, Associate Editor, Dark Reading,  12/14/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.