Cyphort Applies Machine Learning to Threat Detection

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Slide Show

Top Five Things You Should Know About Network Forensics

When it comes to IT security, the single biggest issue has always been detection. Unfortunately, the scale and complexity of the attacks being launched today makes detecting when an application or system has been compromised more difficult than ever.

To help IT organizations address that specific issue, Cyphort has developed the Cyphort Advanced Threat Defense Platform, a threat detection system that leverages machine learning to discover which systems have been compromised.

Relying on Cyphort collector software that can run on multiple platforms to collect threat information, Cyphort uses machine learning to help identify not only threats, but also the level of risk that threat represents. After examining the threat using Golden Image sandbox technology, Cyphort then takes the next logical step by automatically applying the appropriate level of remediation based on the security policies set by the internal IT department.

While machine learning as a technology has been around for a while, applying it to security has been prohibitively expensive. Cyphort is addressing that issue via a licensing model based on the amount of bandwidth consumed in defense of the IT organization. Shel Sharma, director of product marketing for Cyphort, says that this approach eliminates any of the upfront costs that would hinder an IT organization from deploying Cyphort Advanced Threat Detection Platform while providing a licensing model that directly correlates to the volume of attacks being defended against. List pricing is $27,500 for 100Mbps of bandwidth and then it scales up and down from there, says Sharma.

When it comes to security, IT organizations clearly need a little extra help, especially with new classes of advanced persistent threats (APTs). Most organizations can remediate systems in a reasonable amount of time once a threat is discovered. Where machine learning is needed is in actually figuring out what’s been compromised in the first place.