Network Detection and Response

What is Predictive AI and How is it Being Used in Cybersecurity?

The predictive AI field of machine learning collects, analyzes, and tests data to predict future possibilities. AI’s neurological network is patterned on the human brain. But AI works on a scale that goes far beyond what is humanly possible. The top uses for predictive AI technologies to protect sensitive data and systems are in network detection and response (NDR), threat detection, and cybercrime prevention.

Why a Platform With a Generative Baseline Matters

MixMode creates a generative baseline. Unlike the historically-based baselines provided by add-on NTA solutions, a generative baseline is predictive, real-time, and accurate. MixMode provides anomaly detection and behavioral analytics and the ability to suppress false positives and surface true positives.

NTA and NDR: The Missing Piece

Most SIEM vendors acknowledge the value of network traffic data for leading indicators of attacks, anomaly detection, and user behavior analysis as being far more useful than log data. Ironically, network traffic data is often expressly excluded from SIEM deployments, because the data ingest significantly increases the required data aggregation and storage costs typically 3-5x.

New Video: Why is network data the best source for actionable data in cybersecurity?

In a recent blog post, our Head of Customer Success, Russell Gray, outlined the reasons why network data is the best source for actionable data in cybersecurity. He covered the limitations of each of the elements of a typical security stack (SIEM, Endpoint, and Firewall) and the importance of network traffic analysis (NTA) in the …

New Video: Why is network data the best source for actionable data in cybersecurity? Read More →

Our Top 5 Cybersecurity Insights from 2019

This year on the MixMode blog, we have covered headline stories, analyzed every pain point within network security, and shared what we believe to be some of the most innovative solutions to help you analyze network traffic, surface threats and anomalies, and stop attacks using autonomous AI.

Generative Unsupervised Learning vs. Discriminative Clustering Technology: Which Prevents Zero-Day Attacks?

Knowing the difference between Discriminative and Generative Unsupervised Learning can tell you a lot about the effectiveness of a cybersecurity solution’s artificial intelligence, for example, whether or not that security solution can perform actions like identifying and stopping a zero-day attack.

Case Study: MixMode AI Detects Attack not Found on Threat Intel

In October, 2019 a MixMode customer experienced an incident where an external entity attacked a web server located in their DMZ, compromised it, and then pivoted internally through the DMZ to attempt access of a customer database. While the attacker was successful in penetrating the customer’s network, MixMode was able to detect the event before they were successful in penetrating the customer database.

What is Network Detection and Response (NDR)? A bEginner’s Guide

Recently, network detection and response, or NDR, has been established as a key tool for companies seeking to improve their threat response. It’s a relatively new network security strategy which developed in response to perceived shortcomings in existing network security systems. We wanted to help explain what modern network detection and response is, how it …

What is Network Detection and Response (NDR)? A bEginner’s Guide Read More →

Threat Hunting and Endpoints – A Dr. Stephenson tutorial

“Packetsled provides the enrichment that triggers early warnings and proactive action to prevent breaches.” Dr. Stephenson SC Magazine’s Dr. Peter Stephenson analyzes the best threat hunting platforms in cyber security. Read the full blog here About MixMode MixMode is the first to bring a third-wave, context-aware AI approach that automatically learns and adapts to dynamically changing environments. …

Threat Hunting and Endpoints – A Dr. Stephenson tutorial Read More →