Tej Redkar, Chief Product Officer at LogicMonitor, says that when it comes to securing your business infrastructure and applications, the fundamental data is almost the same as IT operation data sets. It is the machine and user data flowing through your digital infrastructure. Security algorithms model the historical behavioral patterns and detect anomalies and deviations from those patterns in near real-time. Using AI, this process could be further automated towards blocking bad actors in near real-time.
For example, a hacker is trying to access or penetrate a firewall. That is detected by either a change in the volume of data or a change in the location of the user that is trying to access it. Multiple features could be used to classify that particular access as either regular access, hacker access, or insecure access. Once that is detected, it could be handed over to the automation/AI system to block the IP address of that particular region or that particular range.
If you observe carefully, the underlying data required to gather this intelligence is still the transactions, logs and metrics, but the users are security teams and the problem that they are trying to solve is securing the business from bad actors. The business problems and algorithms are different but the underlying data is the same. Next year, the IT Operations and Security teams will collaborate closely to not only detect problems in the infrastructure performance but also prevent cybersecurity threats in near real-time.
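The firewall example above can be sketched in code. This is an added illustration, not code from LogicMonitor, Forbes or NextComputing: it baselines each user's historical volume and locations, then labels new accesses from those two features. The log records, the z-score threshold, the mapping of deviations to labels and the /24 block range are all assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

# Constructed history: (user, source_ip, location, bytes). Not real traffic.
HISTORY = [
    ("alice", "198.51.100.10", "US", 1200),
    ("alice", "198.51.100.10", "US", 1100),
    ("alice", "198.51.100.10", "US", 1300),
    ("alice", "198.51.100.11", "US", 1250),
    ("alice", "198.51.100.11", "US", 1150),
]
# Constructed new events to score against the baseline.
EVENTS = [
    ("alice", "198.51.100.10", "US", 1220),
    ("alice", "198.51.100.10", "US", 9000),
    ("alice", "203.0.113.77", "ZZ", 9500),
]

def build_baseline(history):
    """Model each user's historical volume and known locations."""
    volumes, locations = defaultdict(list), defaultdict(set)
    for user, _ip, location, nbytes in history:
        volumes[user].append(nbytes)
        locations[user].add(location)
    return {u: (mean(v), pstdev(v), locations[u]) for u, v in volumes.items()}

def classify(event, baseline, z_limit=3.0):
    """Label one access using two features: volume deviation and location."""
    user, _ip, location, nbytes = event
    if user not in baseline:
        return "insecure", ["no history for user"]
    avg, std, known = baseline[user]
    reasons = []
    z = (nbytes - avg) / max(std, 1.0)  # floor std so flat histories don't divide by zero
    if abs(z) > z_limit:
        reasons.append(f"volume z-score {z:.1f}")
    if location not in known:
        reasons.append(f"new location {location}")
    # Assumed mapping: 0 deviations regular, 1 insecure (review), 2 hacker (block).
    return ("regular", "insecure", "hacker")[len(reasons)], reasons

def block_candidates(events, baseline):
    """Return the /24 ranges of 'hacker' events for hand-off to automation."""
    nets = {str(ipaddress.ip_network(f"{e[1]}/24", strict=False))
            for e in events if classify(e, baseline)[0] == "hacker"}
    return sorted(nets)

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    for ev in EVENTS:
        print(ev, classify(ev, base))
    print("block:", block_candidates(EVENTS, base))
```

Requiring both features to deviate before proposing a block keeps a single noisy signal, such as one large transfer, in the review queue instead of cutting off a legitimate user.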
Read the full story at: https://www.forbes.com/sites/louiscolumbus/2020/12/05/top-20-predictions-of-how-ai-is-going-to-improve-cybersecurity-in-2021/?sh=57302d4a19c1
See how NextComputing’s enterprise-scale Packet Continuum software (https://packetcontinuum.nextcomputing.com) for packet capture and enriched metadata generation can be employed to capture machine and user data flowing through your digital infrastructure, enabling security algorithms to model the historical behavioral patterns and detect anomalies and deviations from those patterns in near real-time. That process can be further automated towards identifying indicators of compromise and bad actors in near real-time.
Contact us today to find the right packet capture solution for your needs.