Empower IT operation center with AI and Automation

Enforce Duo Enrollment for Suspected Compromised User

May 30, 2019 by Sihan Automation, Response

Often, after hours of investigation, you may find that a particular user account is suspicious. To make sure the user accessing your application is really the account owner, enforcing multi-factor authentication (MFA) is the way to go. DTonomy integrates with Duo, through which you can easily manage users and phones and send a verification code or a "push" to end users' phones.


Malicious Website Detection using Machine Learning

A malicious website is a site that attempts to install malware on your computer or other devices. Usually this requires some permission on your side; in the case of a drive-by download, however, the website will attempt to install software without your permission. Malicious websites often look like legitimate websites. What's more, your anti-virus software might not be able to detect them, because hackers deliberately program them in such a way that they are difficult for anti-virus software to detect.

To avoid this, is it possible to detect such websites using machine learning?


Spam Detection using Natural Language Processing

Spam is a cost-effective method of advertising. Only a very small fraction of recipients may become interested in the product, and that is how spammers make money, but it is a big problem for other users. Spammers collect recipients' contact details from publicly accessible sources and use this medium to advertise their products. At present, more than 95% of the emails that are sent are believed to be spam, which makes spam a severe problem.

To avoid this, is it possible to detect spam using machine learning?


Will Your Machine be Hit by a Malware soon?

Jan 10, 2019 by Akshay Security, Machine Learning, AI

Malware, or malicious software, is any program or file that is harmful to a computer user. These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions, and monitoring users' computer activity without their permission. Cybercrime has been increasing, and its global cost has now reached as much as 600 billion dollars, about 0.8 percent of global GDP.

To minimize risk, is it possible to predict the chance of a machine getting infected using machine learning?

In this blog post we will see that, based on the configuration of a machine, we can predict its chances of getting infected, so that if the risk is high we can take countermeasures accordingly. We will look at using machine learning to identify the risk of infection and how infection can be prevented.


Phishing Email

Oct 26, 2018 by Admin Security, SecOps

Inboxes are constantly under attack. As concluded by PhishMe Research, 91% of cyber attacks start with a phishing email. 76% of organizations say they experienced phishing attacks in 2017 (Symantec 2018 ISTR). 92.4% of malware is delivered via email (Verizon 2018 DBIR). Phishing is becoming popular not only because it provides direct access to the most vulnerable part of the network, the end users, but also because most attackers are automating phishing attacks.

Protecting your organization from phishing scams is a challenging problem. Education is the first step. As many employees have become aware of the problem, they may choose to report phishing emails to the security team. Hence many SecOps teams are responsible for triaging tons of reported phishing emails, some of which are true positives while others are not. For the true positives, remediation is necessary afterwards.

In more detail, here are some important steps involved in handling phishing emails.
