Machine Learning techniques in security have focused on detecting threats. We have trained systems to recognise previous attacks and learn how the bad guys operate. This approach works really well for detection. But what about investigation? How do we use machine learning to automate the tasks analysts perform every day? If we want to build an AI Analyst, we need to learn how the good guys operate instead. As attacks become more and more bespoke, and attackers begin to leverage machine learning themselves, automating detection is not enough. Our security tools need to be able to interpret and investigate. This session will explore the need for automating investigation and introduce Darktrace’s AI Analyst technology.
Director of Technology
12:30PM - Day 1