Whitepaper

The Evolution of SIEM

It should be noted that SIEM platforms are exceptionally effective at what they initially were intended for: providing enterprise teams with a central repository of log information that would allow them to conduct search and investigation activities against machine-generated data. If this was all an enterprise cybersecurity team needed in 2020 to thwart attacks and stop bad actors from infiltrating their systems, SIEM would truly be the cybersecurity silver bullet that it claims to be.

Whitepaper: The Failed Promises of SIEM

The fundamental SIEM flaws lie in the platform’s need for continual adjustment, endless data stores, and a tendency to create an overwhelming number of false positives. When organizations instead turn to a next-generation cybersecurity solution, which predicts behavior with an unsupervised (zero tuning) system, they are poised to save on both financial and human resources.

How Data Normalization in Cybersecurity Impacts Regulatory Compliance

Complying with privacy regulations requires all organizations to have access to data on demand, wherever it lives on a network. With the unfathomable amount of data managed by most organizations operating in the finance space today, it can become a significant challenge to locate specific data across legacy systems and networks with countless connections online and off.

Data Overload Problem: Data Normalization Strategies Are Expensive

Financial institutions spend five to ten million dollars each year managing data. A recent Computer Services Inc (CSI) study reveals that most banks expect to spend up to 40 percent of their budgets on regulatory compliance cybersecurity, often adopting expensive data normalization strategies.

Why a Platform With a Generative Baseline Matters

MixMode creates a generative baseline. Unlike the historically-based baselines provided by add-on NTA solutions, a generative baseline is predictive, real-time, and accurate. MixMode provides anomaly detection and behavioral analytics and the ability to suppress false positives and surface true positives.

NTA and NDR: The Missing Piece

Most SIEM vendors acknowledge the value of network traffic data for leading indicators of attacks, anomaly detection, and user behavior analysis as being far more useful than log data. Ironically, network traffic data is often expressly excluded from SIEM deployments, because the data ingest significantly increases the required data aggregation and storage costs typically 3-5x.

Why Training Matters – And How Adversarial AI Takes Advantage of It

The following is an excerpt from our recently published whitepaper, “Self-Supervised Learning – AI for Complex Network Security.” The author, Dr. Peter Stephenson, is a cybersecurity and digital forensics expert having practiced in the security, forensics and digital investigation fields for over 55 years.  Section 4 – Why Training Matters – And How The Adversary …

Why Training Matters – And How Adversarial AI Takes Advantage of It Read More →

Whitepaper: Self-Supervised Learning – AI For Complex Network Security

Artificial Intelligence – or AI – has become a buzzword since it emerged in the 1950s. However, all AI systems are not created equal. In our white paper, “Self-Supervised Learning – AI For Complex Network Security,” Dr. Peter Stephenson explains the different “waves” of artificial intelligence. He uses the DARPA definitions for each of these …

Whitepaper: Self-Supervised Learning – AI For Complex Network Security Read More →

How the Role of the Modern Security Analyst is Changing

As organizations began to rely more heavily on networking to carry out their operations over the past decade, IT teams added security analyst positions. These professionals focused on network security and providing regulatory compliance oversight.  Over time, the role of the security analyst has expanded to include threat hunting tasks. That is, evaluating security platform …

How the Role of the Modern Security Analyst is Changing Read More →

New Whitepaper: How Predictive AI is Disrupting the Cybersecurity Industry

Our newest whitepaper, “How Predictive AI is Disrupting the Cybersecurity Industry,” evaluates several common SecOps issues around Network Traffic Analysis, explaining why typical solutions are wholly ineffective and represent sunk costs versus added value. We examine how self-supervised learning AI is poised to overcome the SecOps challenges of protecting today’s distributed networks.

Our Top 5 Cybersecurity Insights from 2019

This year on the MixMode blog, we have covered headline stories, analyzed every pain point within network security, and shared what we believe to be some of the most innovative solutions to help you analyze network traffic, surface threats and anomalies, and stop attacks using autonomous AI.

The Evolution of “Next-Generation” Manufacturing and the Need for Network Security

The new MixMode & RAVENii whitepaper, “The Evolution of ‘Next-Generation’ Manufacturing and the Need for Network Security,” is a comprehensive look at how third-wave AI is improving modern network security across connected manufacturing networks and beyond.