How does a Security Analyst just know when an application security warning is real? How does an SA understand when something needs a closer look? What secrets does an SA know be able to unravel the mysteries?
It is not magic – though it might seem like it. Security Analysts simply have experience looking for that pattern which makes a warning real or interesting – and they can convert that knowledge into real, interesting results. The patterns an analyst observes appear less magical and become more obvious the more experience the analyst gains.
The human brain is a marvellous pattern recognition machine – and now so are machines with the advancement of machine learning techniques. Imagine modelling the pattern recognition capabilities of the human brain and turning that into 1’s and 0’s from which a machine can learn how to discern patterns in security analysis. You would have a system which can perform the same tasks as the security analyst with extensive experience, and can do so at a tireless rate. Days blending into weeks or months of repetitive tasks instantly replaced by a tireless machine.
Well, my friends, this brave new world is possible and it is here!
The Application Security Products group has used our own experience built up over many years and taught a machine how to observe the patterns that truly make a security warning interesting – or exceedingly boring, as the case may be. The security warning pattern recognition machine is called Intelligent Finding Analytics (IFA).
IFA uses the same observational techniques a human uses when plucking out interesting warnings from a sea of possibilities. Now you can get the answer to the question,“Is this security warning gold or mud?” in a fraction of the time a human can, and in a repeatable way.
This leading edge technology goes way beyond simple filtering. The experience a security analyst accumulates through years is now boxed up and deployable.
Cognitive Lead, Application Security Products
Connect with me on LinkedIn