As soon as the ITOps technician is ready to grab a cup of coffee, a zing comes along as an alert. Cling after zing, the technician has to respond to so many alerts leading to fatigue. The question is why can’t systems be smart enough to predict bugs and fix them before sending an alert to them. And, imagine what happens when these ITOps personnel have to work with a complex and hybrid cloud of IT systems and applications. They will dive into alert fatigue.

As we’ve shown in a previous blog, search-based detection rules and Elastic’s machine learning-based anomaly detection can be a powerful way to identify rare and unusual activity in cloud API logs. Now, as of Elastic Security 7.13, we’ve introduced a new set of unsupervised machine learning jobs for network data, and accompanying alert rules, several of which look for geographic anomalies.

Organizations will spend $327.5 billion in 2021 for AI systems according to the IDC report, but not all AI and Machine Leaning investments will bring the desired outcomes.

At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data after they access it, the risk of data breaches, compliance violations, and the investigations, fines, and reputational damage that comes with them, is significantly increased.

Many businesses are now talking about artificial intelligence (AI), and specifically machine learning, as a way to solve data problems more effectively. In theory, this sounds easy. What could be better than using AI to get a computer to learn how to solve a problem over time, without manual intervention? The reality is very different, however.

First, what is ransomware? Ransomware is a form of malware that encrypts files on the victim’s machine and demands a ransom for restoring access to the files. The instructions on how to pay the ransom are put in a ransom note.

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

According to a seminal Clark School study, a hacker attacks a computer with internet access every 39 seconds. What’s more, almost a third of all Americans have been harmed by a hacker at one point or another, and more than two-thirds of companies have been victims of web-based attacks. A 2020 IBM study showed that the total cost of data breaches worldwide amounted to $3.9 million, which just may sound the death knell for many businesses affected by breaches.

Security is an essential part of any modern IT foundation, whether in smaller shops or at enterprise-scale. It used to be sufficient to implement rules-based software to defend against malicious actors, but those malicious actors are not standing still. Just as every aspect of IT has become more sophisticated, attackers have continued to innovate as well. Building more and more rules-based software to detect security events means you are always one step behind in an unsustainable fight.