Advances in AI in the cybersecurity environment have led to the discovery and mitigation of new cyber events and attack vectors. As a result, organizations are rushing to build more automated and intelligent security defenses using techniques such as machine learning, deep learning, and natural language processing. MacVittie discusses how organizations are using artificial intelligence to ensure a seamless automation approach within security.
in fashion Poisoning well historyan ancient Mesopotamian tale highlighting the most brutal threats to the region’s water supply, jihadists destroyed human life in the Iraqi town of Snun and even poisoned every blood-soaked well they could get their hands on. bottom.
Some wells were choked with oil, others clogged with ragged metal debris.
All aimed at killing all remaining functioning water outlets and bringing agriculturally rich areas to nothing.
The larger lesson was that town wells were always an important attack vector for the enemy, whether blocking access to them or using them as a force multiplier to spread disease.
In today’s cybersecurity context, the well of town can be compared to a script or API endpoint that initiates automation to make changes to infrastructure, applications, and digital services within an organization.
F5’s The State of the 2022 Application Strategy Report 78% of organizations say they are embracing rich automation across IT for the above purposes, replacing complex, hyperscale systems operated by tech giants such as Facebook, Twitter, and Amazon Emphasis is placed on the prevalence of automation to drive
Just like the wells of old, today a single script can affect thousands of systems in minutes.
Automation is a power multiplier that allows us to scale all kinds of operations in ways that humans could never achieve. It is the foundation for scaling processes, practices, and businesses. Because automation is one of the six key capabilities an organization needs to successfully leverage data, adopt Site Reliability Engineering (SRE) operations, and inject modern adaptive capabilities into its digital services, organizations should It’s always been said that you can’t be a digital business without automation. app delivery.
The implication is that automation is automation. Once started, it is difficult to intercept cascading changes system-wide, and impossible to stop its speed.
A few instances of automation propagating unintended changes have hit large parts of the internet because it’s almost impossible to remember bad parameters pushed to scripts. So when the Enter button is pressed or an API endpoint is called, the well will be polluted.
In addition, the threat of human error and security of IT automation are overlooked attack vectors that may take 10 years to eventually be exploited. According to the latest Uptime Institute research, “nearly 40% of his organization has suffered a major outage due to human error in the last three years.” This is where AI and machine learning (ML) come into play.
Using Machine Learning to Secure IT Automation
Machine learning is adept at uncovering patterns and relationships between data points. Today, most industries use machine learning to solve security and operational challenges such as identifying humans and bots, recognizing attacks, and predicting impending outages.
A frontier is App Infrastructure Protection (AIP). For example, F5 Distributed Cloud AIP uses machine learning to understand how operators and managers interact with critical systems and quickly notice when interactions deviate from the norm.
This is useful for detecting attackers trying to access directories that shouldn’t be accessed, or if an intruder invokes a command with parameters outside of normal usage.
Detecting anomalous parameters or attempting to execute anomalous commands means that this technology can be easily applied to IT automation to detect human error and malicious commands.
last takeaway
Assuming an appropriate level of access to the target system, such machine learning solutions can certainly provide a path to protect the system from malformed parameters, lateral communication attempts, and other attacks.
App infrastructure, app delivery, and automation remain attractive attack vectors. As organizations adopt more and more automation, the accidental or intentional impact of its use must be considered at the same time. From here on, you should consider how to protect against the inevitable thick fingers and malicious keystrokes.
Automation is a power multiplier. It is useful for both intentional and malicious use cases that emphasize the need to protect it. Machine learning may be one way to integrate AI with operations to secure the infrastructure that remains a critical component of digital business.
Click below to share this article
