
Prelert & Elastic Join Forces: Search + Unsupervised Machine Learning

This blog is co-written by Shay Banon, CTO of Elastic, and Steve Dodson, CTO and Founder of Prelert, and has also been posted to the Elastic site.

I am happy to announce that Prelert and Elastic are joining forces. Ever since we started Elastic, our goal has been to allow users to easily find relevant data or insights within large amounts of data. Search is a wonderful way to do it, and the ability to slice, dice, and aggregate the data in an unconstrained way allowed users to feel they are in control of the data, rather than the other way around.

Read More
Fast and Effective Security Analytics Use Cases Webinar On Demand

Analytics solutions have become increasingly important to security teams for both threat hunting and meaningful alerting. Solutions that allow for easy configuration of use cases are of the most value to security teams. This webinar leverages our pre-configured security use cases to show how to quickly and effectively find elementary attack behaviors by detecting and scoring anomalies and then identifying statistical influencers in the analyzed data. These use cases are deployed in an Elasticsearch environment.

View now to learn how to apply security analytics to detect threat activity such as data exfiltration over the DNS protocol and suspicious host behaviors.

You will also learn how to easily configure use cases and why easy-to-configure solutions are the most valuable, most notably because:

  • Pre-configured libraries enable a fast start for security teams
  • Parameterized configurations enable subject matter experts to deploy effective coverage


Learn to quickly and effectively detect threat activity with our security use cases! 


Read More
How Fidelity Bank Stays on Top of Cybersecurity with Prelert

Fidelity is a fourth-generation family-owned financial institution that traces its beginnings back to 1905. Today, the organization has grown to more than 450 employees and nearly $1.7 billion in assets across 23 offices in Kansas and Oklahoma.

In this Q&A, learn more about how Prelert’s machine learning anomaly detection solution helped make Fidelity Bank's IT team more efficient.

Read More
Fighting Alert Fatigue

As originally published by Infosec Island

While there’s been a great deal of discussion surrounding the high-level value of behavioral analytics in mitigating losses due to cyberattacks, the realization of this benefit usually begins with relieving an organization’s employees from the dreaded condition known as "alert fatigue."

Read More
Anomaly Detection in Elasticsearch 101: Population Outliers

My series on basic anomaly detection in Elasticsearch continues with this fourth entry - a discussion on how to leverage Prelert’s machine learning based approach to identify members of a population that are different from their peers.
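As an added example (not Prelert's code and not an Elasticsearch job configuration), the following Python script applies the population idea above to the DNS exfiltration use case mentioned in the webinar entry earlier on this page. Each source host is described by its query volume, its number of distinct names and the mean entropy of the leftmost label of its queries, and a host is flagged when any feature lies more than 3.5 MAD-scaled units from the population median. The host names, query names and log format are assumptions made for the example.

```python
"""Population-outlier scoring over a DNS log. Added example: not Prelert's code and
not an Elasticsearch job configuration; hosts, names and log format are constructed."""
import math
import statistics
from collections import Counter, defaultdict

# Constructed log, one query per line: "<timestamp> <source host> <queried name>".
# ws-01..ws-06 behave like ordinary workstations; ws-07 pushes data out in long,
# high-entropy labels under a single attacker-controlled zone (c2.example.net).
SAMPLE_LOG = """\
2016-04-01T10:00:01Z ws-01 www.example.com
2016-04-01T10:00:02Z ws-01 mail.example.com
2016-04-01T10:00:03Z ws-01 cdn.example.com
2016-04-01T10:00:04Z ws-01 www.example.com
2016-04-01T10:00:05Z ws-02 www.example.com
2016-04-01T10:00:06Z ws-02 login.example.org
2016-04-01T10:00:07Z ws-02 update.vendor.example
2016-04-01T10:00:08Z ws-03 mail.example.com
2016-04-01T10:00:09Z ws-03 www.example.com
2016-04-01T10:00:10Z ws-03 api.vendor.example
2016-04-01T10:00:11Z ws-03 cdn.example.com
2016-04-01T10:00:12Z ws-04 www.example.com
2016-04-01T10:00:13Z ws-04 www.example.com
2016-04-01T10:00:14Z ws-04 www.example.com
2016-04-01T10:00:15Z ws-04 time.ntp.example
2016-04-01T10:00:16Z ws-05 crl.vendor.example
2016-04-01T10:00:17Z ws-05 www.example.com
2016-04-01T10:00:18Z ws-05 mail.example.com
2016-04-01T10:00:19Z ws-06 www.example.com
2016-04-01T10:00:20Z ws-06 cdn.example.com
2016-04-01T10:00:21Z ws-06 login.example.org
2016-04-01T10:00:22Z ws-06 api.vendor.example
2016-04-01T10:00:23Z ws-06 www.example.com
2016-04-01T10:00:24Z ws-07 mfrggzdfmztwq2lknnwg23tpobyxe43u.c2.example.net
2016-04-01T10:00:25Z ws-07 ge2dgnbvgy3tqojqgezdgnbvgy3tqojq.c2.example.net
2016-04-01T10:00:26Z ws-07 krugkidrovuwg2zamjzg653xmvzgs3lf.c2.example.net
2016-04-01T10:00:27Z ws-07 nbswy3dpfqqhg33vmqqgs5dfnvxw4zdo.c2.example.net
2016-04-01T10:00:28Z ws-07 onqw2ylsmuqhg2lnobwgkidbnzsca43p.c2.example.net
2016-04-01T10:00:29Z ws-07 ovzxizlomrqq2ltpnmqgc3tfn5xgq2lt.c2.example.net
2016-04-01T10:00:30Z ws-07 pfzsa5dimvzsaylzmjqwe3deorsxg5bq.c2.example.net
2016-04-01T10:00:31Z ws-07 izlxsyzamj2hs5daon2wc43fmnzgs3th.c2.example.net
2016-04-01T10:00:32Z ws-07 mjqwe2lomrxwszlbonxwg2lvmvrwkidf.c2.example.net
2016-04-01T10:00:33Z ws-07 n5wwkzldon2hiylumfwg6idtorsxe4lk.c2.example.net
"""


def shannon_entropy(label):
    """Bits per character of a DNS label; 0.0 for an empty or constant string."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values()) if n else 0.0


def parse_dns_log(text):
    """Return (host, qname) pairs; lines without exactly three fields are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            records.append((parts[1], parts[2].lower().rstrip(".")))
    return records


def host_features(records):
    """Per-host features: query volume, distinct names, mean entropy of the leftmost label."""
    per_host = defaultdict(list)
    for host, qname in records:
        per_host[host].append(qname)
    feats = {}
    for host, qnames in per_host.items():
        labels = [q.split(".")[0] for q in qnames]
        feats[host] = {
            "queries": float(len(qnames)),
            "unique_names": float(len(set(qnames))),
            "mean_label_entropy": sum(map(shannon_entropy, labels)) / len(labels),
        }
    return feats


def robust_z(values):
    """Modified z-score: distance from the population median in MAD units.
    The floor of 10% of the median stops a near-identical population from
    collapsing the scale to zero and flagging trivial differences."""
    med = statistics.median(values.values())
    mad = statistics.median(abs(v - med) for v in values.values())
    scale = max(1.4826 * mad, 0.1 * abs(med))
    return {h: (v - med) / scale if scale else 0.0 for h, v in values.items()}


def find_population_outliers(text, threshold=3.5):
    """Return {host: [(feature, z), ...]} for hosts that deviate from their peers.
    3.5 is the usual cut-off for the modified z-score."""
    feats = host_features(parse_dns_log(text))
    flagged = defaultdict(list)
    for name in next(iter(feats.values()), {}):
        for host, z in robust_z({h: f[name] for h, f in feats.items()}).items():
            if abs(z) >= threshold:
                flagged[host].append((name, round(z, 2)))
    return dict(flagged)


if __name__ == "__main__":
    for host, reasons in find_population_outliers(SAMPLE_LOG).items():
        print(host, reasons)
```

On the sample log only ws-07 is reported, on all three features. Two design points carry over to a real deployment: the features are computed per host over a window, so the population is the set of hosts active in that window, and the MAD-based scale (with its floor) is what keeps one extreme host from dragging the baseline along with it, which a plain mean and standard deviation would do.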

Read More

As originally published by Information Security Buzz

Security Information and Event Management (SIEM) systems have been the cornerstone of many IT security monitoring strategies. But as the threats facing organizations and the tools used to protect against them have become more complex, SIEMs have become more like sieves.

Sieve. /siv/ noun. 1. A utensil consisting of a wire or plastic mesh held in a frame, used for straining solids from liquids, for separating coarser from finer particles, or for reducing soft solids to a pulp.

Read More
Anomaly Detection in Elasticsearch 101: Unstructured Data

My blog series on anomaly detection in Elasticsearch continues with this third installment - finding anomalies in unstructured data by first bringing structure via dynamic categorization from machine learning.

Read More
Anomaly Detection in Elasticsearch 101: Metric Deviations

In the first blog of this series, we discussed how to detect changes in event rates. This, the second blog, focuses on detecting unusual temporal changes in metric values.

Read More
Anomaly Detection in Elasticsearch 101: Event Count Change Detection

I’m kicking off a multi-part series of blogs around effective anomaly detection for data in Elasticsearch. These will cover the basics around several different kinds of fundamental use cases and data types. The first in the series is this article: Event Count Change Detection.

Read More
Star Wars X – Attack of the DROWNs: Machine Learning-based Anomaly Detection Finds the DROWN SSLv2 Vulnerability

If you are working in the security space, you’ve probably heard of the recent critical DROWN Vulnerability (CVE-2016-0800, CVE-2016-0703) reported last month, which can be used by attackers to decrypt both passively eavesdropped and MITM-proxied TLS sessions, putting millions of HTTPS/OpenSSL-secured sites at risk [1,6].

What’s interesting about this latest high-impact vulnerability is that it leverages a weakness in the SSLv2 protocol combined with server misconfiguration (SSLv2 left enabled, or an RSA key shared with a server that still accepts SSLv2), not a single software flaw as many vulnerabilities do, and it affects a significant number of HTTPS, SMTP, SMTPS, IMAP, IMAPS, POP3, and POP3S servers supporting SSLv2.

According to the paper describing the DROWN vulnerability, approximately 11.5 million HTTPS servers (33% of all HTTPS servers) are affected by the general version of the attack, and 26% of all HTTPS servers are affected by the special version, which is fast enough to decrypt the premaster secret online, during a connection handshake.
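The practical check behind DROWN is whether a server still answers an SSLv2 handshake at all, since that is what the attack needs on the target side (for any server sharing the TLS server's RSA key). The script below is an added example, not Prelert's code and not tooling from the DROWN paper: it builds a raw SSLv2 CLIENT-HELLO, sends it to a direct-TLS port, and reports whether the reply is an SSLv2 SERVER-HELLO and which cipher kinds the server offers. The host and port passed to the probe are assumptions, and the sample server bytes used for the offline check are constructed, not captured from a real server.

```python
"""Raw-socket SSLv2 probe. Added example: not Prelert's code and not tooling from the
DROWN paper. It sends an SSLv2 CLIENT-HELLO and reports whether the server answers
with an SSLv2 SERVER-HELLO. Hosts and ports are assumptions; the sample server bytes
used for the offline check are constructed, not captured from a real server."""
import os
import socket
import struct

# Cipher-kind codes from the SSLv2 specification. The two EXPORT40 kinds are the
# 40-bit ciphers that the general DROWN attack relies on.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}
EXPORT40 = {b"\x02\x00\x80", b"\x04\x00\x80"}


def sslv2_record_len(data):
    """Body length from a 2-byte SSLv2 record header (high bit of the first byte set)."""
    return ((data[0] & 0x7F) << 8) | data[1]


def build_client_hello():
    """SSLv2 CLIENT-HELLO offering every cipher kind, no session id, 16-byte challenge."""
    specs = b"".join(SSLV2_CIPHERS)
    challenge = os.urandom(16)
    body = (b"\x01\x00\x02"                                        # CLIENT-HELLO, version 2
            + struct.pack("!HHH", len(specs), 0, len(challenge))   # spec, session id, challenge lengths
            + specs + challenge)
    return bytes([0x80 | (len(body) >> 8), len(body) & 0xFF]) + body


def parse_server_response(data):
    """Classify the first record returned after our CLIENT-HELLO."""
    result = {"sslv2": False, "reason": "", "version": None,
              "cipher_specs": [], "export_ciphers": False}
    if len(data) < 2:
        result["reason"] = "no data: server closed the connection"
        return result
    if not data[0] & 0x80:
        result["reason"] = "not an SSLv2 record (first byte 0x%02x, e.g. a TLS alert)" % data[0]
        return result
    body = data[2:2 + sslv2_record_len(data)]
    if len(body) < 11 or body[0] != 0x04:
        result["reason"] = "SSLv2 record but not a SERVER-HELLO"
        return result
    version, cert_len, cs_len, conn_len = struct.unpack("!HHHH", body[3:11])
    if len(body) < 11 + cert_len + cs_len + conn_len:
        result["reason"] = "truncated SERVER-HELLO"
        return result
    cs = body[11 + cert_len:11 + cert_len + cs_len]
    specs = [cs[i:i + 3] for i in range(0, cs_len - cs_len % 3, 3)]
    result.update(sslv2=True, reason="server answered with an SSLv2 SERVER-HELLO",
                  version=version, cipher_specs=[SSLV2_CIPHERS.get(s, s.hex()) for s in specs],
                  export_ciphers=any(s in EXPORT40 for s in specs))
    return result


def probe_sslv2(host, port=443, timeout=5.0):
    """Probe a direct-TLS port (HTTPS, SMTPS, IMAPS, POP3S). STARTTLS services need the
    STARTTLS exchange first, which this function does not perform."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        data = b""
        while True:
            try:
                chunk = sock.recv(16384)
            except socket.timeout:
                break
            if not chunk:
                break
            data += chunk
            # Stop once the full SSLv2 record is in, or as soon as it is clearly not one.
            if len(data) >= 2 and (not data[0] & 0x80 or len(data) >= 2 + sslv2_record_len(data)):
                break
    return parse_server_response(data)


# Constructed responses for the offline check (the "certificate" is a 3-byte placeholder).
SAMPLE_SERVER_HELLO = (
    b"\x80\x24"                    # SSLv2 record header: 36-byte body
    b"\x04\x00\x01"                # SERVER-HELLO, session_id_hit=0, certificate_type=X.509
    b"\x00\x02"                    # server version 2
    b"\x00\x03\x00\x06\x00\x10"    # certificate, cipher-spec and connection-id lengths
    b"\x30\x01\x00"                # placeholder certificate bytes
    b"\x01\x00\x80\x02\x00\x80"    # RC4_128_WITH_MD5, RC4_128_EXPORT40_WITH_MD5
    + bytes(range(16))             # connection id
)
SAMPLE_TLS_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"  # TLS alert record: fatal handshake_failure

if __name__ == "__main__":
    print(parse_server_response(SAMPLE_SERVER_HELLO))
    print(parse_server_response(SAMPLE_TLS_ALERT))
```

For a live check call something like `probe_sslv2("mail.example.com", 465)`; `result["sslv2"]` is True only when the server returned an SSLv2 SERVER-HELLO, and `result["export_ciphers"]` tells you whether it also offers the 40-bit kinds. A raw probe is worth having because current OpenSSL builds no longer include SSLv2, so `openssl s_client -ssl2` is usually not available. Remember that SMTP, IMAP and POP3 on their plaintext ports only start TLS after a STARTTLS command, which this probe does not send, so test those services on their implicit-TLS ports.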

Read More


Why All IT Security Professionals Should Be Using Anomaly Detection Software



Security Analytics: Machine Learning Anomaly Detection