Filter by Interest

Anomaly Detection in Elasticsearch 101: Population Outliers

My series on basic anomaly detection in Elasticsearch continues with this fourth entry - a discussion on how to leverage Prelert’s machine learning based approach to identify members of a population that are different than their peers.

Read More

As originally published by Information Security Buzz

Security Information and Event Management (SIEM) systems have been the cornerstone of many IT security monitoring strategies. But as the threats facing organizations and the tools used to protect against them have become more complex, SIEMs have become more like sieves.

Sieve. /siv/ noun. 1. A utensil consisting of a wire or plastic mesh held in a frame, used for straining solids from liquids, for separating coarser from finer particles, or for reducing soft solids to a pulp.

Read More
Anomaly Detection in Elasticsearch 101: Unstructured Data

My blog series on anomaly detection in Elasticsearch continues with this third installment - finding anomalies in unstructured data by first bringing structure via dynamic categorization from machine learning.

Read More
Anomaly Detection in Elasticsearch 101: Metric Deviations

In the first blog of this series, we discussed how to detect changes in event rates. This, the second blog, focuses on detecting unusual temporal changes in metric values.

Read More
Anomaly Detection in Elasticsearch 101: Event Count Change Detection

I’m kicking off a multi-part series of blogs around effective anomaly detection for data in Elasticsearch. These will cover the basics around several different kinds of fundamental use cases and data types. The first in the series is this article: Event Count Change Detection.

Read More
Star Wars X – Attack of the DROWNs: Machine Learning-based Anomaly Detection Finds the DROWN SSLv2 Vulnerability

If you are working in the security space, you’ve probably heard of the recent critical DROWN Vulnerability (CVE-2016-0800,CVE-2016-0703) reported last month, which can be used by attackers to decrypt both passively eavesdropped and MITM-proxied TLS sessions putting millions of HTTPS/OpenSSL-secured sites at risk [1,6].

What’s interesting about this latest high-impact vulnerability is that it leverages a combination of protocols and misconfiguration of a target server, not a specific software security flaw as many vulnerabilities do, affecting a significant number of HTTPS, SMTP, SMTPS, IMAP, IMAPS, POP3, and POP3S servers supporting SSLv2.

According to the paper describing the DROWN vulnerability, approximately 11.5 million (33%) of all HTTPS servers (general version of the attack) / 26% of all HTTPS servers (special version of attack, fast enough to decrypt premaster online during a connection handshake) are affected by this vulnerability.

Read More
Java 8 and Virtual Memory on Linux

The -Xmx option can be used to tell a JVM the maximum heap size it’s allowed to use.  The “top” command on Linux can report current resource usage for running processes.  But if the JVM really is respecting the maximum heap size specified by the -Xmx option, how come the virtual memory usage reported by “top” is so high?

Read More
7 Reasons to Deploy Retail Order Analytics

The retail analytics market is growing almost as fast as the retail market itself. In fact, a recent study by Reportlinker estimates that the retail analytics market will grow from $2.2 billion in 2015 to $5.1 billion in 2020. The report finds that the factors driving this growth include the rise in retail data volumes, types and accumulation, as well as demand for omnichannel insights.

However, most retailers have not yet deployed analytics solutions at scale, and most who have are still in the early stages of deployment. That means it’s not too late to get started, and you still have a huge opportunity to gain an edge on your competitors using data. In fact, it’s never too late to get a competitive edge from your data.

To accomplish this, you will want to start at the top, using analytics to first detect revenue-impacting events, including operational issues such as a broken checkout button or internal process interruptions, business issues such as rapid consumer behavior changes, or even Internet infrastructure issues, as quickly as possible. We’ll refer to this subset of retail analytics as Retail Order Analytics. Below, we’ll explain how automated machine learning has proven itself to be the preferred technology for companies who want to stay competitive in today’s eCommerce landscape, and we’ll highlight some of the key mathematical challenges involved in accurately analyzing retail operations data to detect revenue-impacting events. Below, we share seven reasons to deploy retail order analytics and some key factors you should consider before deciding on any retail analytics solution:

Read More
Machine Learning Is Cybersecurity’s Answer to Detecting Advanced Breaches

As originally published by insideBIGDATA

For forward-thinking organizations, advanced security analytics powered by machine learning is more than just a pipe dream: it’s an absolutely necessary component to identifying security issues early. This is especially critical when you consider what’s at stake. If the recent high-profile breaches have taught us anything, it’s that no organization is immune to an attack, even those that don’t specifically deal with monetized data.

Read More
Stop By: We’re at 2600 South at RSA 2016

It seems like every year the threat landscape expands—and RSA, arguably the most well-known cybersecurity conference in the world, keeps growing right along with it. This year we’re thrilled to be participating in everything from product demos to a social “pub crawl.” If you’re going to be at RSA this week, we’d love to meet you, learn about your security plans for 2016 and show you what’s under the hood of Prelert’s rapidly evolving behavioral analytics platform.

Read More


Why All IT Security Professionals Should Be Using Anomaly Detection Software



Security Analytics: Machine Learning Anomaly Detection