Anomoly Detection

Aligning an Organization’s Attack Surface to Detection Surface is Key to Adversary Defense in Today’s Cloud Era

With the Cloud Era, the IT asset estate has expanded, and there is a diverse set of attack surfaces to defend. The term “attack surface” describes the growing IT asset estate, but there is no parallel term to describe where we can detect or respond to attacker activity.

What is Anomaly Detection in Cybersecurity?

Anomaly detection, the “identification of rare occurrences, items, or events of concern due to their differing characteristics from the majority of the processed data,” allows organizations to track “security errors, structural defects and even bank fraud,” according to DeepAI and described in three main forms of anomaly detection as: unsupervised, supervised and semi-supervised. Security Operations Center (SOC) analysts use each of these approaches to varying degrees of effectiveness in Cybersecurity applications.