goran sandahl - machine learning. literally
TRANSCRIPT
Machine learning. Literally. Göran Sandahl
Co-founder, CTO
“Less than 1% of data is analysed” (IDC)
Stuxnet attack graph
Black Box
The foundational issue
IT systems are black boxes
Breaches, Crashes, Failures
Changes
20% of IT time spent on troubleshooting
IT Process Institute
69% of security incidents discovered by 3rd parties
Verizon Breach Report, 2013
Growing pressure from legislation, compliance etc
Every system produces data. Every incident creates new.
Systems
Continually learns what’s normal
DB
Events
Profiles
Relevance Algorithm
Universally
uncovers new data in
u
Memory Controller Read Error on Ch
Send any data from any system
STREAMING DATA
Legacy, Cloud, Custom, Emerging
100% coverage
100% automation
99.999% data reduction
One focal point and ground truth for all stakeholders
sup
sec
net
dev
ops
app
What’s different?
Faster mean time to detect, repair and recover
Reduced risk, guesswork and troubleshooting
Improved communication and collaboration
Enhanced organisational learning
"Even the most advanced hacker will leave traces in log data" Gartner, Anton Chuvakin
Thank you.