CTO Talk: From the Sandbox – LogSentinel’s Neural Network

Most current SIEM, SOAR, and XDR solutions with integrated deep neural networks focus only on rough correlations that have no causal relationship. As a result, these deep learning systems are often tested in real conditions that differ significantly from their learning scenarios, and they often give many false-positive results.

To break the shackles of the limited ability to detect and connect data insights, LogSentinel is building a neural SuperNetwork that includes smaller networks, a strategy that allows seamless sharing of intelligence, commands, and other operational data between modules in multidimensional cyberspace. The SuperNet makes basic assumptions about which variables are causally related and can then autonomously test whether the correction of different variables is consistent with the initial assessment.

Cybercriminals are increasingly using AI to automate vulnerability exploitation and break down complex systems. Complex, large-scale social engineering attacks and deepfakes are prime examples of this trend.

In response, LogSentinel plans to deploy the Graph Neural Network to protect against AI attacks. The SuperNet uses validation routines that cross-check behavior patterns against previous behavior, and AI will monitor the corporate network by creating an active profile for each user, application, and device on that network: which files they access, which applications they use, when, and where. If this behavior changes suddenly, the user or application will be marked for a deep scan. This is a huge improvement in threat detection. Currently, a lot of time passes before an attack is detected.

A separate, dedicated LogSentinel SuperNet module continuously scans the Dark Web.

The SuperNetwork can essentially make basic assumptions about which variables have a causal relationship and then test whether the correction of different variables is consistent with the initial assessment.
Eventually, LogSentinel will be able to use this method to hypothesize what might happen when an object falls, and then confirm its conclusion by actually seeing it fall to the floor several times.

Cyberspace is the continuation and expansion of the real world, and the struggle in cyberspace is a virtual and real mapping of the struggle and the game in the real world. Currently, major countries and corporations around the world are accelerating the building of cyber forces and the trend of militarization of global cyberspace is becoming increasingly apparent.

States and corporations continue to step up planning at the highest level, expand cyber combat capabilities, accelerate research and development of cyber weapons, and strengthen cyber exercises and competitions, striving to fully improve cyber combat capabilities and take the lead in the competition in cyberspace. In addition, reality and conflicts in cyberspace intertwine, and global cyber confrontation is entering a new phase in the final test.

In response to operational requirements in terms of network, informatization, and digitalization, LogSentinel, guided by the concept of joint operations for command and control of all domains, formulates relevant concepts and strategies, trying to integrate intelligent reactive efficiency and system customers to take advantage of decisions, speed of action and coordinated operations on the future cyber battlefield.

For complex cybersecurity and cyber resilience, LogSentinel combines causation and correlation. For example, the data model adjusts the mechanism model, performs post-processing of the results of the mechanism model, and uses some of the results as characteristics of the data model and others.
LogSentinel is preparing a new version of Smart Intelligent Strategy to accelerate the transition to the Graph Neural Network by providing a comprehensive vision, focus areas, guidelines, core capabilities, and necessary goals to support the Integrated Protection and Modernization Strategy. The concept focuses on the integration of different areas and levels of intelligent protection, setting out a vision for developing and maintaining a competitive advantage.

Start from the causal relationship, formulate, and test hypotheses. These practices are significantly different from big data analysis in classical SIEM, SOAR, and XDR solutions, which looks for some correlation in a large amount of unordered data, regardless of the reasons behind the correlation.

LogSentinel transforms traditional cyber analysis into full-scale data analysis. As a result, the accuracy of conclusions is significantly improved, and through this approach some fields change from unpredictable to predictable.