A Cylance Case Study: Machine Learning in Insider Threat Incident Response
Report Summary
ML-powered products that do not use signatures to augment detection are largely enterprise-ready.
Boston, December 12, 2018 – In Q4 2016, a real-world deployment of a machine learning-based endpoint security solution identified a worm outbreak and prevented it from propagating further. This solution, CylanceProtect, performs pre-execution malware detection by inspecting the suspect file—without the need for signatures and without requiring it to execute.
This report provides empirical data on the enterprise-readiness of ML-based endpoint security solutions that work without signatures and their efficacy over legacy anti-virus solutions. The data provided in this report is a result of primary research methods observed in a month-long incident response investigation as well as interviews conducted by Aite Group with the customer’s security engineers.
This is a 13-page Impact Note. Clients of Aite Group’s Cybersecurity service can download this report and the Executive Impact Deck.
This report mentions Cylance, Darktrace, Kaspersky Lab, McAfee, Symantec, and Vectra Networks.