
    Cyphort Applies Machine Learning to Threat Detection

    When it comes to IT security, the single biggest issue has always been detection. Unfortunately, the scale and complexity of the attacks being launched today make detecting when an application or system has been compromised more difficult than ever.

    To help IT organizations address that specific issue, Cyphort has developed the Cyphort Advanced Threat Defense Platform, a threat detection system that leverages machine learning to discover which systems have been compromised.

    Relying on Cyphort collector software that can run on multiple platforms to collect threat information, Cyphort uses machine learning to help identify not only threats, but also the level of risk that each threat represents. After examining the threat using Golden Image sandbox technology, Cyphort then takes the next logical step by automatically applying the appropriate level of remediation based on the security policies set by the internal IT department.

    While machine learning as a technology has been around for a while, applying it to security has been prohibitively expensive. Cyphort is addressing that issue via a licensing model based on the amount of bandwidth consumed in defense of the IT organization. Shel Sharma, director of product marketing for Cyphort, says that this approach eliminates any of the upfront costs that would hinder an IT organization from deploying the Cyphort Advanced Threat Detection Platform while providing a licensing model that directly correlates to the volume of attacks being defended against. List pricing is $27,500 for 100Mbps of bandwidth and then it scales up and down from there, says Sharma.

    When it comes to security, IT organizations clearly need a little extra help, especially with new classes of advanced persistent threats (APTs). Most organizations can remediate systems in a reasonable amount of time once a threat is discovered. Where machine learning is needed is in actually figuring out what’s been compromised in the first place.

    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
