Security Analytics (DeepSec™)
Security starts with awareness, maintained by knowledge
Security Analytics is not for security professionals. It is for the enterprise.
Security is becoming elusive and complex. Using human talent is fine, but the scarcity of resources and the complexity of the problems bring a new dimension to security. Security Analytics enables the use of artificial agents to assist professionals in screening out false positives before any human intervention in a security event. DeepSec is the security analytics framework from RACE labs, which provides multilevel/multidimensional security insights so that professionals can handle security events with great effectiveness.
RACE DeepSec™ Framework
Cybersecurity Analytics
Cyber systems are repeatedly attacked with renewed knowledge by hackers having ulterior motives. In addition, current knowledge is overwhelming and not calibrated with enterprise events. Cyber incidents such as intrusion, data breaches and other such issues will be a costly affair for organizations when the investigation is performed manually. The business models from RACE labs in cybersecurity provide augmented information to the businesses to detect, diagnose and rectify the incidents with better effectiveness, reduced time and minimal cost.
Digital Media Analytics
Hard entry into the network is not the only threat an enterprise faces. Soft targets such as emails, the enterprise brand, etc., demand stronger security than off-the-shelf commercial products provide. Building a monitoring system for threats from digital sources is essential for overall defence in enterprise cyber systems. DeepSec digital media analytics provides generic models that can be reconfigured for the specific company.
IoT Security Analytics
The emergence of IoT has started a two-way threat scenario, where the control of essential entities will be taken over by an ill-intended hacker posing costly threats. Establishing identity and authentication, along with analysing the behaviour of the entity processes (different from UEBA) and edge elements, is essential in any cyber-physical system. The DeepSec model provides a deep-learning-based framework for these scenarios, which can be trained and tested on the IoT elements of the company.
Performance Management
Viewing security management performance from multiple perspectives gives decision-makers the ability to evaluate the current processes continuously and to intervene when the processes are out of sync. The security process performance dashboards based on Apache Metron will enhance the effectiveness of the current command and control centre operations.
DeepSec™ Framework – Benefits
- How to get 360° visibility of every event in the security spectrum
- Discovering and diagnosing events of interest or risk – Intrusion, anomalies, data breach etc.
- Predict/forecast the next possible attack and anticipate it to defend the network/systems
- Objective evaluation of the utilization and performance
DeepSec™ Framework – Scope
- Data models and Domain models for Security Analytics – Cyber, Digital and IoT
- End-to-end discovery from typical security data
- Predictive models for intrusion, anomalies, attacks (like SQL Injection), UEBA
Why participate
RACE has had a dedicated research wing working on Security Analytics for the past 3 years across industries. It has imparted/implemented best practices for Security Analytics through its unique framework. DeepSec™ can be implemented as a turnkey project or in modules in plug-and-play mode, which can be customised for participating organizations that intend to adopt Security Analytics with assured monetary benefits.