Startups using artificial intelligence to drive cyber security

Cybersecurity has been continuously evolving, not just as a hot topic for discussion but as a mainstream challenge and priority for a large number of organizations. Recently, we have seen several cyberattacks turn into global epidemics, such as WannaCry (May 2017; damaging 200,000 computers across 150 countries), Petya/NotPetya (June 2017; an estimated $10 billion in damage), and Mirai (Oct 2016; initial impact on 300,000 insecure IoT devices worth $100 million, with further variants and consequences still being uncovered). On the corporate front, the world has witnessed several massive breaches, including Yahoo (2013-14; impacting 3 billion users), Equifax (July 2017; impacting 150 million U.S. citizens), and Aadhaar (Aug 2017 to Jan 2018; 1.1 billion Indian citizens impacted), to name a few. With every passing day, cybercriminals are learning and adopting new and innovative methods of attack. To withstand such attacks, security agencies also need to raise their game. Besides the established players, a large number of startups are using advanced techniques like machine learning and artificial intelligence to prevent such cyberattacks. Below are a few startups using AI to drive cybersecurity innovation.

Darktrace

Founded in 2013 by mathematicians from the University of Cambridge and government cyber-intelligence experts in the U.S. and the UK, Darktrace developed its first autonomous response technology, known as Darktrace Antigena, in 2016. Darktrace has also developed the Enterprise Immune System, which works as a real-time threat-detection system. This system uses a machine-learning algorithm that draws on a considerable amount of data to define standard user actions on the network and sets them as a baseline, termed the “pattern of life.” Any adverse activity or behavior on the network raises an alarm. By using proven artificial intelligence, the Enterprise Immune System has become very helpful to organizations in identifying misconfigurations and emerging threats in critical parts of the network infrastructure across all major cloud service providers and SaaS applications such as AWS, Microsoft Azure, and Office 365 Suite.


Cylance

Cylance, a California-based company founded in 2012, is the pioneer in providing cybersecurity that builds artificial intelligence into all its product lines. The key products of Cylance include Cylance Protect, Cylance Optics, Cylance Threat Zero, and Cylance Smart Anti Virus. Cylance Protect comprises core protection technology that leverages artificial intelligence and machine learning to detect and prevent threats before they execute. Its architecture consists of an agent installed on the host and managed by a Cylance cloud console. Its threat execution control system uses tested mathematical algorithms on the host, independent of cloud connectivity, signatures, or behavioral analysis. Cylance Optics is an upgraded version of Cylance Protect that acts as an endpoint detection and response solution. It extends the threat prevention delivered by Cylance Protect, using artificial intelligence to identify and prevent security threats proactively. It also offers an automated, playbook-driven response system and enables threat hunting based on context and situational awareness.

Vectra

Vectra Networks, a California-based tech startup founded in 2010, mainly uses artificial intelligence in its Cognito platform, a real-time threat-detection system deployed across cloud, datacenter, and enterprise environments. It is an automated threat-detection system that greatly reduces the human intervention required for threat research and investigations. The Cognito platform mainly comprises algorithms based on artificial intelligence, data science, and machine learning to identify anomalies. It can track network traffic, extract relevant metadata, and ingest external threat intelligence. But it cannot take any action automatically to counter the threats, and it is thus categorized as a threat-detection system rather than a threat-prevention system.
