Supercharging CrowdStrike’s artificial intelligence requires both human professionals and the right technologies to deliver blisteringly fast and accurate machine learning model training with a small footprint on the CrowdStrike Falcon® sensor. CrowdStrike data scientists continuously explore theoretical and applied machine learning research to advance and set the industry standard in protecting customers from sophisticated threats and adversaries.

In this blog post, we explore how we boost our MLaaS approach to create the best blend of innate human nuance and computational ability of machines to solve your business challenges…

CrowdStrike data science researchers recently explored and experimented with the use of Bidirectional Encoder Representation from Transformers (BERT) for embedding command lines, focusing on anomaly detection, but without detailing the model itself. Diving deeper into that research, CrowdStrike researchers explain the reasons for using BERT for command line representation and how to train the model and assess its performance.

Machine learning (ML) detections are a powerful tool for detecting emerging threats when we don’t yet know what we’re looking for. The power of anomaly detection is the ability to detect and provide early warning on new threat activity for which rules, indicators, or signatures are not yet available.

Spam filters are essential. Without them we couldn’t cut through the noise of phishing scams and malware links to read our messages. Hatred of spam is well entrenched in society, just as bots (especially scalpers) have become the bane of so many lives in recent years. There are several parallels between the email spam in our inboxes and malicious bots that crawl the web. Both are designed to cause harm to businesses and individuals. Both exploit systems designed to be useful.

Our world is driven by technological innovation. Recent years have seen many companies adopt artificial intelligence (AI) and machine learning technology to analyze larger data sets and perform more complex tasks with faster and more accurate results. This is not limited to technology-based industries such as computer science – now, many industries work continuously to enhance their technology to keep up with consumer expectations, with data-based decision making often central to this drive.

Online travel agencies, more commonly referred to as OTAs, are online booking platforms used to compare prices and book flights, hotels or holiday packages. Well-known OTAs include Expedia, Booking.com and TripAdvisor. While we have seen a significant increase in the use of OTAs for booking travel arrangements in recent years, we have also seen a similar rise in OTA fraud. Total fraud loss to OTAs was predicted to grow by 19% to $25 billion by the year 2020.

As a (fairly) new member of Splunk’s Threat Research team (STRT), I found a unique opportunity to train machine learning models in a more impactful way. I focus on the application of natural language processing and deep learning to build security analytics. I am surrounded by fellow data scientists, blue teamers, reverse engineers, and former SOC analysts with a shared passion and vision to push the state of the art in cyber defense.

As soon as the ITOps technician is ready to grab a cup of coffee, a zing comes along as an alert. Cling after zing, the technician has to respond to so many alerts leading to fatigue. The question is why can’t systems be smart enough to predict bugs and fix them before sending an alert to them. And, imagine what happens when these ITOps personnel have to work with a complex and hybrid cloud of IT systems and applications. They will dive into alert fatigue.