A new report by Crowdstrike that estimates some Russian hacker groups can compromise an enterprise in just 18 minutes has been getting a lot of attention lately. And rightly so. The security industry and those who depend on cybersecurity vendors are in need of such a wakeup call. The global hacker community, including individuals, organized criminal elements, and state sponsored actors, have evolved their capabilities at a stunning pace, yet we continue to rely on traditional approaches to perimeter security and outdated performance standards.
The scale and speed of today’s attacker onslaught is more than enough to overwhelm traditional approaches to security, and as Richard Seiersen states in this LinkedIn post, “A 99 percent success rate equates to a 100 percent failure rate” when you rely on signature- and sandbox-based security.
Malware is being released at a rate of four new samples every second. By the time you’ve detected and analyzed one, there are more in the queue. And because it can take 12 to 24 hours to arrive at a verdict, there’s a good chance the hackers have already compromised your network.
In fact, evasion tactics can be as simple as creating attachments that are so large that they cannot be analyzed by sandboxes. See a recent Twitter post below that calls out this very common evasion technique. Alternatively, check your malware sandbox vendor datasheets — there are many disclaimers are there on file sizes, file types and the maximum number of files that can be uploaded to your cloud for inspection every single day.
Recently Palo Alto Networks CEO Nikesh Arora confirmed the risk when he said, “[Hackers] are deploying a lot more compute, a lot more techniques to go find that 1% of the infrastructure that is not secured. You have to believe that things are going to get by the inline sensors that you have in the infrastructure.”
He went on to say that artificial intelligence is the key to developing tools that can match the velocity and volume of today’s threat. Blue Hexagon agrees. There is a need for speed and accuracy in today’s cybersecurity platforms that traditional tools can’t provide, but that platforms using deep learning techniques–operating at machine speed–can.
When deep learning is applied to the challenges inherent with cybersecurity you gain the ability to identify and stop both known and previously unknown threats in seconds, operating at 10Gbps wire speed and with no latency. That means that, when deployed within the network, you can prevent attacks from ever getting through the door, and you can do it in real time–the first time. That is a speed that even the most skilled Russian hackers can’t match.
You can’t continue to rely on traditional approaches to cybersecurity and expect to keep your network safe. You need to fight fire with fire and, with deep learning, you’ve finally got a flamethrower that can go toe-to-toe with hackers at the speed and scale at which they operate. When it only takes them 18 minutes to compromise your systems, our deep learning platform lets you stop them with 18 minutes to spare.
If you’re at RSA, stop by the Blue Hexagon Booth N4204 to experience a deep learning brain in action. See how our neural network brain thinks and learns, separates threats from benign data and categorizes them. Or schedule a 1-1.
Comments are closed.