Security News

Tackling the SDLC With Machine Learning
2020-05-05 19:24

Automated application security testing is a key component of modern SDLC practices and can economically uncover many bugs and potential security flaws with relative ease. Application security testing embraces a broad range of complementary techniques and tooling-such as static application security testing, dynamic application security testing, interactive application security testing, and runtime application self-protection.

Microsoft: This is how to protect your machine-learning applications
2020-04-29 10:04

Microsoft is thinking a lot about how to protect machine learning systems. As the paper points out, a lot of work has been done in finding ways to attack machine learning, but not much on how to defend it.

Vulnerability Finding Using Machine Learning
2020-04-20 11:22

The problem of finding software vulnerabilities seems well-suited for ML systems. Going through code line by line is just the sort of tedious problem that computers excel at, if we can only teach them what a vulnerability looks like.

Enveil ZeroReveal ML: Allowing orgs to process data against an encrypted machine learning model
2020-04-17 02:45

Enveil, the pioneering data security company protecting Data in Use, announced the release of its encrypted machine learning product, ZeroReveal Machine Learning, the first adaptable, market-ready solution allowing organizations to process data against an encrypted machine learning model. Building on the success of its ZeroReveal Search solution, Enveil ZeroReveal ML fundamentally changes the paradigm of secure data usage by allowing organizations to enable advanced decisioning through collaborative and federated machine learning in a secure and private capacity.

IWD: biometrics, machine learning, privacy and being a woman in tech – Naked Security Podcast
2020-03-08 12:33

To celebrate International Women's Day we invite you to this all-female splinter episode. We discuss privacy, biometrics, machine learning, social media, getting into cybersecurity and, of course, what it's like to be a woman in tech.

How Machine Learning Can Strengthen Insider Threat Detection
2020-02-27 17:48

As companies continue to grapple with the challenges of insider threats, machine learning coupled with behavioral analytics can assist in predicting and detecting potential threats from employees and contractors, according to a panel of security experts at RSA 2020. To mitigate insider threats, experts suggest that enterprises develop their own risk algorithms by coupling machine learning capabilities with behavioral analytics to understand discrepancies in employee activities.

RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks
2020-02-26 22:27

Why so few machine learning court cases? Experts point to the fact that staple cybersecurity regulations such as the Computer Fruad and Abuse Act and Electronic Communications Privacy Act don't specifically spell out how to handle machine learning attacks. This type of attack can open up machine learning systems to anything from data manipulation, logic corruption or even backdoor attacks.

Stellar Cyber’s new app applies machine learning to firewall data to spot anomalies
2020-01-22 03:30

Security provider Stellar Cyber, with the first Open-XDR platform, announced its new Firewall Traffic Analysis Application, which supercharges firewalls by analyzing their data to spot undetected anomalies. With this new App, security analysts get an automated assistant to detect firewall misconfigurations, malicious users and abnormal traffic to gain new value from firewall data, improving analyst productivity typically over 20x. The FTA Application supports firewalls from many vendors including Cisco, Check Point, Fortinet, Palo Alto Networks and Sophos.

Failure Modes in Machine Learning
2019-12-09 11:56

Interesting taxonomy of machine-learning failures (pdf) that encompasses both mistakes and attacks, or -- in their words -- intentional and unintentional failure modes. It's a good basis for...