PatternEx announced the first Artificial Intelligence SaaS application for cyber attack detection at RSA Conference 2017. PatternEx’s flagship product, the PatternEx Threat Prediction Platform, is available as a SaaS application with a free trial period to selected customers.
Searching for IoCs with a SIEM is a time-consuming exercise that generates too many false positives to be effective. An Artificial Intelligence solution, by contrast, rolls up many log lines into a single behavior, then analyzes the behavior pattern utilizing human input, and automates the detection of that pattern both in historical data and as the attacks happen.
The PatternEx Threat Prediction Platform is a human-assisted Artificial Intelligence platform that detects cyberattacks in real time. This approach has been proven to produce five times fewer false positives while detecting ten times more attacks than anomaly detection solutions.
The heart of the PatternEx solution is technology known as “Active Contextual Modeling”, or ACM, which synthesizes analyst intuition into predictive models. These models, when deployed across global customers, can learn from each other and achieve a network effect in detecting attack patterns.
PatternEx essentially creates “virtual security analysts” that mimic the intuition of human security analysts, providing InfoSec analyst teams with instant scale, and making existing analysts more efficient.
The Artificial Intelligence SaaS application will include the following:
- Free trial period for selected customers
- Instant visibility into behaviors contained in existing NGFW logs
- Active learning loop, incorporating human input in real time
- Artificial Intelligence models tuned to detect C2 communications
- Automatic model updates adapting to the evolving attack landscape
The free trial is restricted to detecting C2 communications from the logs of Next Gen Firewalls such as Palo Alto Networks and Fortinet.
Source: Help Net Security – News @ February 17, 2017 at 05:30AM