Join CEO, Jake King, as he discusses the detection of three well-defined security problems – adversarial user behavior, lateral movement, and insider threat detection – using a relatively untapped data set: shell and session commands. He discusses machine learning techniques needed to analyze this data, present key findings of our research, and describe the effects and mitigations of bias to achieve higher accuracy. Additionally, Jake explores techniques for safeguarding ML models based on this data.
Jake also outlines a number of the tools used to develop these findings, including methods for analyzing and visualizing massive datasets over billions of Linux audit events. He covers advances in machine learning (ML) that you can leverage to gain meaning out of the data you throw into the lake.