From Deep Blue to Deep Learning
Ever since completing my graduate studies in 1994, I have had a front-row seat for the accelerated development of artificial intelligence and deep learning. At IBM Research’s high-performance computing group I worked on the SP2 line of supercomputers–the brains behind the chess-playing machine Deep Blue that defeated Grandmaster Garry Kasparov in 1997. Later, at Qualcomm, I explored a variety of techniques such as boosted decision trees and support vector machines.
At each step the progress made was limited. SP2 was a powerful number cruncher that did well in specific, data-intensive disciplines like chess and weather forecasting, but was limited in application. Boosted decision trees and support vector machines held much promise but required detailed engineering effort to work and were not scalable for complex problems like image and speech recognition.
But in 2012, while I was at Qualcomm optimizing deep learning for applications with mobile phones, AI and neural networks achieved a watershed moment. At the ImageNet Large Scale Visual Recognition Challenge (LSVRC) that year, a team of researchers from the University of Toronto, led by Dr. Geoffrey Hinton (“the Godfather of Deep Learning”), won the competition by a large margin. Their application of deep convolutional neural networks for image recognition proved that AI and deep learning were ready to break out from limited applications and be used to solve big problems confronting business. I immediately recognized that network security was a big problem for which AI and deep learning were ideally suited.
Cybersecurity’s Asymmetric War
Attackers have adopted automated techniques to develop and launch new attacks globally and on a massive scale. According to research by AV-Test, more than 121.6 million new malware programs were discovered in 2017. That is equivalent to more than 333,000 new malware samples daily: more than 230 new malware samples every minute, or 4 every single second.
Countering such a massive and novel volume requires defensive techniques capable of recognizing threats–including new threats–faster than they can act or spread. Such a defense needs to operate in an actual network environment and get it right the first time.
That’s why Saumitra and I founded Blue Hexagon.
The longer a threat remains undetected in an enterprise, the more damage it does, so speed of detection is critical. Traditional defenses require prior knowledge of a signature or time to analyze a new zero-day before preventative measures can be taken. When a threat can spread in seconds, time and second chances won’t do. But when you have the ability to stop a threat dead in its tracks–the first time–that changes the dynamic. It puts you on the offensive. It also means you don’t have to devote resources to forensics, remediation, or threat analysis; it means you won’t incur the costs of a data breach, loss of brand trust, or face fines associated with non-compliance with laws like GDPR.
Introducing Blue Hexagon
At Blue Hexagon we have built the world’s first real-time, deep learning platform for network threat protection. We can detect known and unknown threats including unknown malware variants in a fraction of a second at whatever point they threaten the enterprise, whether at the network edge or between segments where we monitor traffic to prevent threats from moving between boundaries. And we do it without using traditional techniques like sandboxing and signatures.
We assembled an amazing team of machine learning, deep learning and software engineers, and cybersecurity experts to do this. This team is truly one of the best I’ve ever worked with and we’re able to demonstrate industry-defining results in customer environments–sub-second detection with nearly 100% efficacy at 10 gigabit wire speed.
Today, we’re excited to launch Blue Hexagon. We thank the numerous security leaders and companies that have worked with us on our product trials and we hope to have the opportunity to prove ourselves to many more.