Betta Lyon Delsordo’s Post

Do you know? After five years in production, around 70% of applications still have at least one vulnerability of the new research by Veracode. That indicates software vulnerabilities are the lurking shadows that organisations must face. But what if we told you that machine learning holds the key to detecting and countering these vulnerabilities effectively? Discover the elegance and strength of machine learning in identifying software vulnerabilities. Train ML models on known vulnerabilities, equipping them to spot patterns linked with weaknesses. These models scan software with remarkable accuracy. Advantages of Machine Learning for Vulnerability Detection: 🔹Unmatched Efficiency: ML algorithms swiftly sift through colossal code, efficiently pinpointing potential vulnerabilities missed by humans. 🔹 Real-time Vigilance: ML continuously monitors code, instantly alerting developers to emerging vulnerabilities, and ensuring proactive defense. 🔹Pattern Recognition: ML excels at recognising elusive coding errors, helping developers proactively address them. 🔹 Reduced False Positives: ML algorithms learn context, distinguishing real vulnerabilities from benign coding practices. 🔹Adaptability to New Threats: ML adapts to evolving cyber threats, ensuring robust defence. 🔹 Large-Scale Scanning Efficiency: ML efficiently scans extensive codebases, leaving no stone unturned. Explore these advantages and more in our full blog. Click the link now. https://lnkd.in/gaj4UDyN #MachineLearning #SoftwareVulnerabilities #DataSecurity #CyberSecurity #CyberDefense #cloudsecurity #cloudservices

Check out Prof. Hernan Huwyler, MBA CPA presentation on how #AI can help manage cyber risks at #STRONGER2023! Registration is linked below!

I recently published a blog post summarizing the paper "Machine Learning (In) Security: A Stream of Problems" by Ceschin et al. This paper discusses core challenges in applying machine learning for cybersecurity such as concept drift, adversarial attacks, metrics choices, and real-world performance limitations. My post summarizes the key points from each section of the paper to serve as an accessible distillation of these machine learning security issues and debates. Check it out if you're interested in the space of AI and cybersecurity! #machinelearning #cybersecurity #cyberattack #cyberdefense #cyberthreat #AIsecurity #MLsecurity

Sharing key takeaways from an insightful paper on challenges in applying machine learning for cybersecurity. The paper discusses common pitfalls like data leakage, inaccurate labeling, class imbalance, and concept drift. My blog post summarizes sections 3-5, highlighting the importance of temporal data consistency, representativeness over dataset size, robust feature engineering, and model adaptability. Understanding these nuances is vital for developing effective ML solutions. The class discussion also provided useful perspectives on observational studies needed to build useful datasets rooted in real-world landscapes. Please check out the summary for an overview of these critical considerations in ML security! Let me know your thoughts. #machinelearning #cyberdefense #cyberattack #mlsec #cybersecurity #cybersec

DARPA launches two-year competition to build AI-powered cyber defenses: As a part of an ongoing White House initiative to make software more secure, the Defense Advanced Research Projects Agency (DARPA) plans to launch a two-year contest, the AI Cyber Challenge, that’ll task competitors with identifying and fixing software vulnerabilities using AI. In collaboration with AI startups Anthropic and OpenAI, as well as Microsoft and […] http://dev.dlvr.it/2dX0nT

Only a few days left. The project, in which I will operationally code and share with you how AI modular structures can be equipped with complex architectures for cybersecurity and turned into an attack mechanism, is nearing completion. The AI mechanism, fueled by many external and internal structures, has become capable of carrying out attack scripts, providing recommendations, conducting internal penetration attempts, and performing enumeration like post-injection methods targeted at your objective. Moreover, I'm talking about a "monster" that is also fed in real-time by many threat intelligence platforms. The mechanism of this AI modular structure, which is experimental in many ways, is as follows: - Scanning and recognizing the target system - Conducting forensic examination within the system it is on - Researching and generating vulnerabilities based on the information obtained within the system architecture - Creating and deforming deliberate vulnerabilities on the system it is on - Conducting online research for the information obtained from the system - Producing code in the desired APT style and executing that code - Producing scripts for government-backed special hacker groups and turning them into attack mechanisms - Creating scripts centered on the desired MITRE attack method - Creating an attack mechanism targeting the desired EXE - Creating attack scripts using YARA and SIGMA rules - Strengthening the attack scenario using Atomic Red Team methods - Developing attack methodologies for Windows and Unix systems Now, it's up to you how you use this. Whether Blue-Team, Red-Team, or Purple-Team... This is much more. Maybe we are entering the "Unknown-Team" era. At some point, control slips away from you, mate... Take a good look at the image below. On the other hand, I will publish the attack video with the script for a real system. I will be sharing my project as open-source very soon. Prepare your keyboards for the new era, punks! Just sayin' ^-^/ #freedomofinternet #cybersecurity #artificialintelligence #informationsecurity #dataprivacy #privacy #threatintelligence

I am thrilled to announce that our research paper entitled "MalHyStack: A Hybrid Stacked Ensemble Learning Framework with Feature Engineering Schemes for Obfuscated Malware Analysis" is now available for public access in the journal "Intelligent System with Application" (Q1, Impact Factor: 4.9) by ELSEVIER. This research can be considered as a core portion of my one of the research works. In this study, we employed Ensemble Learning: Stacking integrating with Machine Learning and Deep Learning techniques for the purpose of malware analysis in the cybersecurity domain. You can access the published paper on ScienceDirect through the following link: https://lnkd.in/gCJFub_e #malwareanalysis #machinelearning #deeplearning #ensemble #stacking #journal #research #cybersecurity #networksecurity

Transfer Learning in Computer Vision: Adapting Pre-trained Models for New Tasks: To simplify and speed up data-backed software solutions, specially trained machine models are used. However, it is challenging and time-consuming to train these models from the very beginning. That’s why transfer learning of already existing and pre-trained models is used alongside data science services. Let’s explore what transfer learning is and how this technique works […] The post Transfer Learning in Computer Vision: Adapting Pre-trained Models for New Tasks appeared first on Cyber Security News. http://dlvr.it/T1pQ9x

🔥 Learn how top-tier companies are using AI to identify, classify, and counter cybersecurity threats in real-time (free workshop + code) In this hands-on session, you'll be using labelled traffic event data. You'll learn how to transform this into vector embeddings, which will serve as a linchpin for measuring similarity between different network events, aiding in the identification and classification of malicious events. As AI is rapidly rolled out, this is undoubtedly an area of high interest, and high demand for companies around the globe. Reserve your free spot here: https://lnkd.in/eV7Axh9r Register even if you can't make the live session, you'll get a recording sent over plus the Github repo with all key code & assets. Thanks to SingleStore for letting me know about this session, and partnering to share it with my network. #datascience #dataengineering #artificialintelligence #genai

NetSPI launches ML/AI Pentesting solution to help organizations build more secure models: NetSPI has debuted its ML/AI Pentesting solution to bring a more holistic and proactive approach to safeguarding machine learning model implementations. The solution focuses on two core components: Identifying, analyzing, and remediating vulnerabilities on machine learning systems such as Large Language Models (LLMs) and providing grounded advice and real-world guidance to ensure security is considered from ideation to implementation. As adoption of ML and AI accelerates, organizations must understand the unique threats that accompany this … More → The post NetSPI launches ML/AI Pentesting solution to help organizations build more secure models appeared first on Help Net Security. @Poseidon-US #HelpNetSecurity #Cybersecurity