{"id":6,"date":"2020-11-01T11:05:06","date_gmt":"2020-11-01T11:05:06","guid":{"rendered":"http:\/\/infosecml.com\/?page_id=6"},"modified":"2021-07-20T12:29:56","modified_gmt":"2021-07-20T12:29:56","slug":"exploring-machine-learning-for-information-security","status":"publish","type":"page","link":"https:\/\/infosecml.com\/","title":{"rendered":"Exploring Machine Learning for Information Security"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\"><strong>Information security is a prime candidate to be enhanced by Machine Learning<\/strong><\/h3>\n\n\n\n<p class=\"has-drop-cap\">Information Security tends to create an awful lot of data. Not only do all of your security controls provide log and status data but most of your systems will also produce log data which is at least partially applicable to security. Analysing that data and getting useful insights from it can be a bit of a challenge, however. Initially SIEM technology was developed to provide simple correlation of specific alert events and to visualise trends in particular data types but whilst that improved security from where it had been before, it hardly put the good guys out in front!<\/p>\n\n\n\n<p>The use of statistical and Machine Learning methods allowed the creation of UEBA systems. Able to model trends in behaviour initially for users and then for systems and applications, these tools provided a real advantage to security operations teams. Later versions of these tools also provided full user and entity timelines as well as automation of response, taking much of the drudgery away from hard-pressed security professionals.<\/p>\n\n\n\n<div class=\"wp-block-group alignwide\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>One of the most important forms of data which is often overlooked is contextual data. 
Information about the users and entities being monitored can provide valuable information to analytics systems, identifying peer groups for behaviour, owners of systems and other information to enhance base monitoring data.<\/p>\n\n\n\n<p>All of this gives the budding security data scientist a wealth of opportunity to identify abnormal behaviour or potential threats to an organisation. This site is dedicated to providing help and support to those building their own SIEM, UEBA system or just analysing activity logs collected in another system.<\/p>\n\n\n\n<p><\/p>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group is-layout-flow wp-block-group-is-layout-flow\"><div class=\"wp-block-group__inner-container\"><\/div><\/div>\n\n\n\n<div class=\"wp-block-group is-layout-flow wp-block-group-is-layout-flow\"><div class=\"wp-block-group__inner-container\"><\/div><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group is-layout-flow wp-block-group-is-layout-flow\"><div class=\"wp-block-group__inner-container\"><\/div><\/div>\n\n\n\n<div class=\"wp-block-group is-layout-flow wp-block-group-is-layout-flow\"><div class=\"wp-block-group__inner-container\"><\/div><\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Information security is a prime candidate to be enhanced by Machine Learning Information Security tends to create an awful lot of data. Not only do all of your security controls provide log and status data but most of your systems will also produce log data which is at least partially applicable to security. 
Analysing that [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":370,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-6","page","type-page","status-publish","has-post-thumbnail","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Exploring Machine Learning for Information Security - InfoSecML %<\/title>\n<meta name=\"description\" content=\"Machine learning can transform the effectiveness of information security strategies\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/infosecml.com\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exploring Machine Learning for Information Security - InfoSecML %\" \/>\n<meta property=\"og:description\" content=\"Machine learning can transform the effectiveness of information security strategies\" \/>\n<meta property=\"og:url\" content=\"https:\/\/infosecml.com\/\" \/>\n<meta property=\"og:site_name\" content=\"InfoSecML\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-20T12:29:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/infosecml.com\/wp-content\/uploads\/2020\/11\/IMG_1777-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/infosecml.com\\\/\",\"url\":\"https:\\\/\\\/infosecml.com\\\/\",\"name\":\"Exploring Machine Learning for Information Security - InfoSecML %\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/infosecml.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/IMG_1777-scaled.jpg\",\"datePublished\":\"2020-11-01T11:05:06+00:00\",\"dateModified\":\"2021-07-20T12:29:56+00:00\",\"description\":\"Machine learning can transform the effectiveness of information security strategies\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/infosecml.com\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/infosecml.com\\\/#primaryimage\",\"url\":\"https:\\\/\\\/infosecml.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/IMG_1777-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/infosecml.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/IMG_1777-scaled.jpg\",\"width\":1920,\"height\":2560,\"caption\":\"Neural networks - a mixture of maths and hardware\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/infosecml.com\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/infosecml.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exploring Machine Learning for Information Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/infosecml.com\\\/#website\",\"url\":\"https:\\\/\\\/infosecml.com\\\/\",\"name\":\"InfoSecML\",\"description\":\"The home of Machine Learning and Advanced Analytics for Information 
Security\",\"publisher\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#\\\/schema\\\/person\\\/f11f4ea3133147a580202f13b6da27e8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/infosecml.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/infosecml.com\\\/#\\\/schema\\\/person\\\/f11f4ea3133147a580202f13b6da27e8\",\"name\":\"Steve Gailey\",\"logo\":{\"@id\":\"https:\\\/\\\/infosecml.com\\\/#\\\/schema\\\/person\\\/image\\\/\"},\"sameAs\":[\"http:\\\/\\\/infosecml.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exploring Machine Learning for Information Security - InfoSecML %","description":"Machine learning can transform the effectiveness of information security strategies","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/infosecml.com\/","og_locale":"en_GB","og_type":"article","og_title":"Exploring Machine Learning for Information Security - InfoSecML %","og_description":"Machine learning can transform the effectiveness of information security strategies","og_url":"https:\/\/infosecml.com\/","og_site_name":"InfoSecML","article_modified_time":"2021-07-20T12:29:56+00:00","og_image":[{"width":1920,"height":2560,"url":"https:\/\/infosecml.com\/wp-content\/uploads\/2020\/11\/IMG_1777-scaled.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/infosecml.com\/","url":"https:\/\/infosecml.com\/","name":"Exploring Machine Learning for Information Security - InfoSecML 
%","isPartOf":{"@id":"https:\/\/infosecml.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/infosecml.com\/#primaryimage"},"image":{"@id":"https:\/\/infosecml.com\/#primaryimage"},"thumbnailUrl":"https:\/\/infosecml.com\/wp-content\/uploads\/2020\/11\/IMG_1777-scaled.jpg","datePublished":"2020-11-01T11:05:06+00:00","dateModified":"2021-07-20T12:29:56+00:00","description":"Machine learning can transform the effectiveness of information security strategies","breadcrumb":{"@id":"https:\/\/infosecml.com\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/infosecml.com\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/infosecml.com\/#primaryimage","url":"https:\/\/infosecml.com\/wp-content\/uploads\/2020\/11\/IMG_1777-scaled.jpg","contentUrl":"https:\/\/infosecml.com\/wp-content\/uploads\/2020\/11\/IMG_1777-scaled.jpg","width":1920,"height":2560,"caption":"Neural networks - a mixture of maths and hardware"},{"@type":"BreadcrumbList","@id":"https:\/\/infosecml.com\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/infosecml.com\/"},{"@type":"ListItem","position":2,"name":"Exploring Machine Learning for Information Security"}]},{"@type":"WebSite","@id":"https:\/\/infosecml.com\/#website","url":"https:\/\/infosecml.com\/","name":"InfoSecML","description":"The home of Machine Learning and Advanced Analytics for Information Security","publisher":{"@id":"https:\/\/infosecml.com\/#\/schema\/person\/f11f4ea3133147a580202f13b6da27e8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/infosecml.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/infosecml.com\/#\/schema\/person\/f11f4ea3133147a580202f13b6da27e8","name":"Steve 
Gailey","logo":{"@id":"https:\/\/infosecml.com\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/infosecml.com"]}]}},"_links":{"self":[{"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/pages\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/comments?post=6"}],"version-history":[{"count":25,"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/pages\/6\/revisions"}],"predecessor-version":[{"id":362,"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/pages\/6\/revisions\/362"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/media\/370"}],"wp:attachment":[{"href":"https:\/\/infosecml.com\/index.php\/wp-json\/wp\/v2\/media?parent=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}