An intro to Machine Learning and Threat Hunting

Machine learning is making cyber security professionals more productive and less expensive. However, the essential data has to be there to support it. Machine learning is about manipulating and developing patterns in order to detect and recognize common coding practices and exploitable zero-day weaknesses that are still unknown. Using machine learning, an analyst can input data to help clean up code and enforce best coding practices, spotting well-known coding errors and weaknesses, while at the same time validating user inputs and rejecting invalid entries. This will help increase the quality of programs and of end users' everyday interactions with technology.

Machine learning will help increase the structure and quality of the code being used. Such a system can then be specially designed based on the applications, protocols, and models used throughout the various industries in computer science. These algorithms could be calibrated for those various industries to help remove the human condition. For management of these industries, this means asking the appropriate questions needed to address ever-growing concerns, while employing those capable of maintaining these growing fields. Another growing issue is the massive amount of information currently available from various sources, and the work of compiling and organizing that data. A further problem is figuring out what data is needed and acceptable for the given environment. The major challenge facing machine learning is retrieving data from the network, endpoint and cloud, and normalizing this data so that it can be used effectively.

Threat hunting is a defensive activity: actively searching for malware and other known threats possibly hidden in the network and various other locations. These threats could be running in the background, stealing private and confidential information, encrypting it and then bypassing security controls that are in place. At its core, cyber security is all about the people, even those who are causing the problems and breaking societal rules and norms. Then you have the professionals and enthusiasts who are out hunting these known issues and finding others yet to be discovered. Machine learning helps to hunt threats, organize large amounts of data, recognize signature patterns along with common weaknesses, and secure all aspects of the network environment.