Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Machine Learning


Leveraging the Dark Side: How CrowdStrike Boosts Machine Learning Efficacy Against Adversaries

The power of the CrowdStrike Falcon® platform lies in its ability to detect and protect customers from new and unknown threats by leveraging the power of the cloud and expertly built machine learning (ML) models. In real-world conditions and in independent third-party evaluations, Falcon’s on-sensor and cloud ML capabilities consistently achieve excellent results across Windows, Linux and macOS platforms.


Fine-tuning Cloud SIEM detections through machine learning

Security engineering teams spend hours every week tuning their security information and event management (SIEM) systems to ensure that they are effective at detecting security threats and minimizing false positives. Such “tuning tax” is common as customers add new SIEM rules to cope with rapidly changing threat landscape and attacker tactics and as their attack surface evolves through automated changes to their application and infrastructure stacks.


Machine Learning in Security: Detect Suspicious TXT Records Using Deep Learning

There are about 90 DNS resource record types (RR) of which many of them are obsolete today. Of the RR’s used, DNS TXT record offers the most flexibility in content by allowing user defined text. The TXT record initially designed to hold descriptive text (RFC 1035) is widely used for email verification, spam prevention and domain ownership verification.


Machine Learning in Security: Detecting Suspicious Processes Using Recurrent Neural Networks

Malicious software like ransomware often use tactics, techniques, and procedures such as copying malicious files to the local machine to propagate themselves across the network. A few years ago, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services issued a joint cybersecurity advisory to ward off potential harm from threat actors for at-risk entities.


Trustwave MailMarshal PageML Scanner Detects 30% More Phishing Attempts

Trustwave’s MailMarshal received a major update this month with the addition of PageML to the Blended Threat Module. The BTM enables the email security solution to conduct in-depth, real-time scans when a URL in an email is clicked to determine if the URL is malicious. PageML boosts the BTM’s ability to detect malicious URLs by one-third by applying machine learning techniques to page content in real time. The new scanning feature is named PageML, short for Page Machine Learning.


CrowdStrike's Free TensorFlow-to-Rust Conversion Tool Enables Data Scientists to Run Machine Learning Models as Pure Safe Code

Deep learning is a core part of CrowdStrike’s arsenal of machine learning (ML) techniques, and we are constantly innovating in this area to boost the performance of our ML models. However, ML can consume large amounts of computing resources. To minimize the computing load and its associated costs, we strive to optimize performance and resource utilization for our models as well as address any safety issues related to the use of third-party tools.

What is Meant by Applied Quantum Computing?

The world of quantum computing is one that has excited technologists and scientists alike for some time. But what is meant by applied quantum computing? In essence, the term 'applied quantum computing' refers to the practical application and implementation of quantum computing algorithms and techniques to solve real-world problems. Such applications of quantum computing can be used to solve problems in fields such as medicine, finance, engineering, and many other areas where complex and extensive calculations are necessary.

Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks

With news headlines like “A massive ransomware attack hit hundreds of businesses” becoming common, concern about malware has never been higher. High-profile examples of malware like DarkSide, REvil have been profiled so many times that not only cybersecurity professionals are on edge — every organization that has on-premises or in-the-cloud workloads is concerned.


Corelight Investigator introduces new Machine Learning Models

Corelight Investigator furthers its commitment to delivering next-level analytics through the expansion of its machine learning models. Security teams are now enabled with additional supervised and deep learning models, including: We continue to provide complete transparency behind our evidence -- showing the logic behind our machine learning models and detections, allowing analysts to quickly and easily validate the alerts.