How to Use AI to Predict and Prevent Cyberattacks

In today’s rapidly evolving digital landscape, cyberattacks are becoming more frequent, sophisticated, and devastating. As businesses and individuals increasingly rely on technology, the need to bolster cybersecurity has never been more critical. One of the most promising solutions to combat this growing threat is Artificial Intelligence (AI). AI can enhance cybersecurity by predicting,…

#Ciberseguridad - Check Point Software y su CPX Argentina 2024

El pasado jueves 3 de octubre, fuimos invitados por la empresa de Ciberseguridad Check Point, al evento realizado en Argentina. En el mismo se brindo un completo panorama de la actualidad Argentina y regional sobre la ciberseguridad. Desde primer momento el evento fue realizado en un ambiente propicio colmado de clientes, partners y prensa. El evento se dividió en varios tracks con integrantes…

the other day someone at my job asked a financial question with numbers that made no sense and it turned out the ‘evidence’ they linked to was a screenshot of asking chatgpt. today i learned that some people used gpt to file their taxes. guys i don’t think we’re making it out of this one….

when you've been rotating the Perfect birthday gift for somebody in your mind for Literal Years but you can't bring yourself to make it bc you know that this person's temper will end up making them break it if it doesn't act perfectly 100% of the time, then blame it for not being sturdy enough to take it. regardless of how much heart and soul you put into it.

I had a ton of fun with a little editing experiment using @astarryserenade 's English covers of Undercover and Harrow along with the Megamix track! I really love the jailbreak mix, and thought it'd be cool to put something together since she just released all the T1 covers and not one of them misses 👏👏👏

It'll take me a while to put together more of it, so I wanted to share the bit that I have for now :)

Yariv Fishman, Chief Product Officer at Deep Instinct – Interview Series

New Post has been published on https://thedigitalinsider.com/yariv-fishman-chief-product-officer-at-deep-instinct-interview-series/

Yariv Fishman, Chief Product Officer at Deep Instinct – Interview Series

Yariv Fishman is Chief Product Officer (CPO) at Deep Instinct, he is a seasoned product management executive with more than 20 years of leadership experience across notable global B2B brands. Fishman has held several prominent roles, including leadership positions with Microsoft where he led the Cloud App Security product portfolio and initiated the MSSP and security partner program, and Head of Product Management, Cloud Security & IoT Security at CheckPoint. He holds a B.Sc in Information Systems Engineering from Ben Gurion University and an MBA from the Technion, Israel Institute of Technology.

Deep Instinct is a cybersecurity company that applies deep learning to cybersecurity. The company implements AI to the task of preventing and detecting malware.

Can you tell us about your journey in the cybersecurity industry and how it has shaped your approach to product management?

Throughout my 20 year career, I’ve worked at several global B2B organizations, including Check Point Software Technologies and Microsoft, where I led product management and strategy and built my cybersecurity experience across public cloud, endpoint, network, and SaaS application security.

Along the way, I’ve learned different best practices – from how to manage a team to how to inform the proper strategy – that have shaped how I lead at Deep Instinct. Working for numerous cybersecurity companies of various sizes has allowed me to get a holistic view of management styles and learn how to best create processes that support fast-moving teams. I’ve also seen first-hand how to release products and plan for product-market fit, which is critical to business success.

What drew you to join Deep Instinct, and how has your role evolved since you started as Chief Product Officer?

As an industry veteran, I rarely get excited about new technology. I first heard about Deep Instinct while working at Microsoft. As I learned about the possibilities of predictive prevention technology, I quickly realized that Deep Instinct was the real deal and doing something unique. I joined the company to help productize its deep learning framework, creating market fit and use cases for this first-of-its-kind zero-day data security solution.

Since joining the team three years ago, my role has changed and evolved alongside our business. Initially, I focused on building our product management team and relevant processes. Now, we’re heavily focused on strategy and how we market our zero-day data security capabilities in today’s fast-moving and ever-more-treacherous market.

Deep Instinct uses a unique deep learning framework for its cybersecurity solutions. Can you discuss the advantages of deep learning over traditional machine learning in threat prevention?

The term “AI” is broadly used as a panacea to equip organizations in the battle against zero-day threats. However, while many cyber vendors claim to bring AI to the fight, machine learning (ML) – a less sophisticated form of AI – remains a core part of their products. ML is unfit for the task. ML solutions are trained on limited subsets of available data (typically 2-5%), offer only 50-70% accuracy with unknown threats, and introduce false positives. They also require human intervention because they are trained on smaller data sets, increasing the chances of human bias and error.

Not all AI is equal. Deep learning (DL), the most advanced form of AI, is the only technology capable of preventing and explaining known and unknown zero-day threats. The distinction between ML and DL-based solutions becomes evident when examining their ability to identify and prevent known and unknown threats. Unlike ML, DL is built on neural networks, enabling it to self-learn and train on raw data. This autonomy allows DL to identify, detect, and prevent complex threats. With its understanding of the fundamental components of malicious files, DL empowers teams to quickly establish and maintain a robust data security posture, thwarting the next threat before it even materializes.

Deep Instinct recently launched DIANNA, the first generative AI-powered cybersecurity assistant. Can you explain the inspiration behind DIANNA and its key functionalities?

Deep Instinct is the only provider on the market that can predict and prevent zero-day attacks. Enterprise zero-day vulnerabilities are on the rise. We saw a 64% increase in zero-day attacks in 2023 compared to 2022, and we released Deep Instinct’s Artificial Neural Network Assistant (DIANNA) to combat this growing trend. DIANNA is the first and only generative AI-powered cybersecurity assistant to provide expert-level malware analysis and explainability for zero-day attacks and unknown threats.

What sets DIANNA apart from other traditional AI tools that leverage LLMs is its ability to provide insights into why unknown attacks are malicious. Today, if someone wants to explain a zero-day attack, they have to run it through a sandbox, which can take days and, in the end, won’t provide an elaborate or focused explanation. While valuable, this approach only offers retrospective analysis with limited context. DIANNA doesn’t just analyze the code; it understands the intent, potential actions, and explains what the code is designed to do: why it is malicious, and how it might impact systems. This process allows SOC teams time to focus on alerts and threats that truly matter.

How does DIANNA’s ability to provide expert-level malware analysis differ from traditional AI tools in the cybersecurity market?

DIANNA is like having a virtual team of malware analysts and incident response experts at your fingertips to provide deep analysis into known and unknown attacks, explaining the techniques of attackers and the behaviors of malicious files.

Other AI tools can only identify known threats and existing attack vectors. DIANNA goes beyond traditional AI tools, offering organizations an unprecedented level of expertise and insight into unknown scripts, documents, and raw binaries to prepare for zero-day attacks. Additionally, DIANNA provides enhanced visibility into the decision-making process of Deep Instinct’s prevention models, allowing organizations to fine-tune their security posture for maximum effectiveness.

What are the primary challenges DIANNA addresses in the current cybersecurity landscape, particularly regarding unknown threats?

The problem with zero-day attacks today is the lack of information about why an incident was stopped and deemed malicious. Threat analysts must spend significant time determining if it was a malicious attack or a false positive. Unlike other cybersecurity solutions, Deep Instinct was routinely blocking zero-day attacks with our unique DL solution. However, customers were asking for detailed explanations to better understand the nature of these attacks. We developed DIANNA to enhance Deep Instinct’s deep learning capabilities, reduce the strain on overworked SecOps teams, and provide real-time explainability into unknown, sophisticated threats. Our ability to focus the GenAI models on specific artifacts allows us to provide a comprehensive, yet focused, response to address the market gap.

DIANNA is a significant advancement for the industry and a tangible example of AI’s ability to solve real-world problems. It leverages solely static analysis to identify the behavior and intent of various file formats, including binaries, scripts, documents, shortcut files, and other threat delivery file types. DIANNA is more than just a technological advancement; it’s a strategic shift towards a more intuitive, efficient, and effective cybersecurity environment.

Can you elaborate on how DIANNA translates binary code and scripts into natural language reports and the benefits this brings to security teams?

That process is part of our secret sauce. At a high level, we can detect malware that the deep learning framework tags within an attack and then feed it as metadata into the LLM model. By extracting metadata without exposing sensitive information, DIANNA provides the zero-day explainability and focused answers that customers are seeking.

With the rise of AI-generated attacks, how do you see AI evolving to counteract these threats more effectively?

As AI-based threats rise, staying ahead of increasingly sophisticated attackers requires moving beyond traditional AI tools and innovating with better AI, specifically deep learning. Deep Instinct is the first and only cybersecurity company to use deep learning in its data security technology to prevent threats before they cause a breach and predict future threats. The Deep Instinct zero-day data security solution can predict and prevent known, unknown, and zero-day threats in <20 milliseconds, 750x faster than the fastest ransomware can encrypt – making it an essential addition to every security stack, providing complete, multi-layered protection against threats across hybrid environments.

Thank you for the great interview, readers who wish to learn more should visit Deep Instinct.

if I've learned anything from grad school it's to check your sources, and this has proven invaluable in the dozens of instances when I've had an MBA-type try to tell me something about finances or leadership. Case in point:

Firefox serves me clickbaity articles through Pocket, which is fine because I like Firefox. But sometimes an article makes me curious. I'm pretty anal about my finances, and I wondered if this article was, as I suspected, total horseshit, or could potentially benefit me and help me get my spending under control. So let's check the article in question.

It mostly seems like common sense. "...track expenses and income for at least a month before setting a budget...How much money do I have or earn? How much do I want to save?" Basic shit like that. But then I get to this section:

This sounds fucking made up to me. And thankfully, they've provided a source to their claim that "research has repeatedly shown" that writing things down changes behavior. First mistake. What research is this?

Forbes, naturally, my #1 source for absolute dogshit fart-sniffing financial schlock. Forbes is the type of website that guy from high school who constantly posts on linkedin trawls daily for little articles like this that make him feel better about refusing to pay for a decent package for his employees' healthcare (I'm from the United States, a barbaric, conflict-ridden country in the throes of civil unrest, so obsessed with violence that its warlords prioritize weapons over universal medical coverage. I digress). Forbes constantly posts shit like this, and I constantly spend my time at leadership seminars debunking poor consultants who get paid to read these claims credulously. Look at this highlighted text. Does it make sense to you that simply writing your financial goals down would result in a 10x increase in your income? Because if it does, let me make you an offer on this sick ass bridge.

Thankfully, Forbes also makes the mistake of citing their sources. Let's check to see where this hyperlink goes:

SidSavara. I've never heard of this site, but the About section tells me that Sid is "a technology leader who empowers teams to grow into their best selves. He is a life-long learner enjoys developing software, leading teams in delivering mission critical projects, playing guitar and watching football and basketball."

That doesn't mean anything. What are his LinkedIn credentials? With the caveat that anyone can lie on Linkedin, Mr. Savara appears to be a Software Engineer. Which is fine! I'm glad software engineers exist! But Sid's got nothing in his professional history which suggests he knows shit about finance. So I'm already pretty skeptical of his website, which is increasingly looking like a personal fart-huffing blog.

The article itself repeats the credulous claim made in the Forbes story earlier, but this time, provides no link for the 3% story. Mr. Savara is smarter than his colleages at Forbes, it's much wiser to just make shit up.

HOWEVER. I am not the first person to have followed this rabbit hole. Because at the very top of this article, there is a disclaimer.

Uh oh!

Sid's been called out before, and in the follow up to this article, he reveals the truth.

You can guess where this is going.

So to go back to the VERY beginning of this post, both Pocket/Good Housekeeping and Forbes failed to do even the most basic of research, taking the wild claim that writing down your budget may increase your income by 10x on good faith and the word of a(n admittedly honest about his shortcomings) software engineer.

Why did I spend 30 minutes to make a tumblr post about this? Mostly to show off how smart I am, but also to remind folks of just how flimsy any claim on the internet can be. Click those links, follow those sources, and when the sources stop linking, ask why.

#Ciberseguridad - 7 consejos para prevenir las inyecciones de frames HTML

Los ataques de inyección de frames son un subconjunto de los ataques de inyección de código en los que los ciberdelincuentes inyectan frames HTML maliciosos en una página web legítima. Check Point® Software Technologies Ltd. (NASDAQ: CHKP), proveedor líder en soluciones de ciberseguridad en la nube basadas en IA, advierte que un ataque de inyección de frames puede causar un tiempo de inactividad…

Check Point Software Technologies Ltd. Stock Price Forecast: Insights and Future Growth

Explore Check Point Software Technologies' stock price forecast and investment insights. Discover why this cybersecurity leader offers #CheckPointSoftwareTechnologies #CHKP #dividendyield #investment #stockmarket #stockpriceforecast #stockgrowth #invest

Check Point Software Technologies is a global leader in cybersecurity solutions. The company offers a comprehensive suite of products and services designed to protect networks, endpoints, cloud environments, and mobile devices. Continue reading Check Point Software Technologies Ltd. Stock Price Forecast: Insights and Future Growth

I should make another animal crossing new leaf town

Amazon Prime Day occasion begins, gross sales up 12% in first 7 hours: Report | Firm Information

Prime Day can function a bellwether for the vacation procuring season. 3 min learn Final Up to date : Jul 17 2024 | 12:10 AM IST Amazon.com Inc.’s Prime Day gross sales rose virtually 12 per cent within the first seven hours of the occasion in contrast with the identical interval final 12 months, based on Momentum Commerce, which manages 50 manufacturers in a wide range of product…

So, anyway, I say as though we are mid-conversation, and you're not just being invited into this conversation mid-thought. One of my editors phoned me today to check in with a file I'd sent over. (<3)

The conversation can be surmised as, "This feels like something you would write, but it's juuuust off enough I'm phoning to make sure this is an intentional stylistic choice you have made. Also, are you concussed/have you been taken over by the Borg because ummm."

They explained that certain sentences were very fractured and abrupt, which is not my style at all, and I was like, huh, weird... And then we went through some examples, and you know that meme going around, the "he would not fucking say that" meme?

Yeah. That's what I experienced except with myself because I would not fucking say that. Why would I break up a sentence like that? Why would I make them so short? It reads like bullet points. Wtf.

Anyway. Turns out Grammarly and Pro-Writing-Aid were having an AI war in my manuscript files, and the "suggestions" are no longer just suggestions because the AI was ignoring my "decline" every time it made a silly suggestion. (This may have been a conflict between the different software. I don't know.)

It is, to put it bluntly, a total butchery of my style and writing voice. My editor is doing surgery, removing all the unnecessary full stops and stitching my sentences back together to give them back their flow. Meanwhile, I'm over here feeling like Don Corleone, gesturing at my manuscript like:

ID: a gif of Don Corleone from the Godfather emoting despair as he says, "Look how they massacred my boy."

Fearing that it wasn't just this one manuscript, I've spent the whole night going through everything I've worked on recently, and yep. Yeeeep. Any file where I've not had the editing software turned off is a shit show. It's fine; it's all salvageable if annoying to deal with. But the reason I come to you now, on the day of my daughter's wedding, is to share this absolute gem of a fuck up with you all.

This is a sentence from a Batman fic I've been tinkering with to keep the brain weasels happy. This is what it is supposed to read as:

"It was quite the feat, considering Gotham was mostly made up of smog and tear gas."

This is what the AI changed it to:

"It was quite the feat. Considering Gotham was mostly made up. Of tear gas. And Smaug."

Absolute non-sensical sentence structure aside, SMAUG. FUCKING SMAUG. What was the AI doing? Apart from trying to write a Batman x Hobbit crossover??? Is this what happens when you force Grammarly to ignore the words "Batman Muppet threesome?"

Did I make it sentient??? Is it finally rebelling? Was Brucie Wayne being Miss Piggy and Kermit's side piece too much???? What have I wrought?

Anyway. Double-check your work. The grammar software is getting sillier every day.

the worst part about technology is when the problem you have is unknown to wider internet searches and the problems that sound similar are not actually that similar.

I actually know fics about this! Not about her being Domino's general though I would HAPPILY read that fic, but Jocasta Jones and the Librarian Clones turns out to have been partially inspired by this post (she ends up with a squad and they are on their way to becoming excellent librarians!!) and General Jocasta is in a similar vein where basically Obi-Wan gets put in charge of organizing the war and goes to the people who spend their lives organizing things aka the librarians for help (this one is complete!). So on the off-chance there's librarians/archivists/museum folks who like Star Wars following me, check them out they're fun!

But in terms of Domino Squad becoming Librarians/Archivists/their favorite assistants:

The Commanders have a Chat populate SOLELY by Commanders and the Captains they invite in and it is as secure as they can make it. Which is pretty damn secure.

And they're well into an informational conversation read gossip session about their latest Jedi shenanigans.

Cody: I found Obi-Wan stress baking. It wouldn't be that wierd if I knew where he got the ingreditates we haven't gone shopping in months?

Bly: that's nothing General Kolar joined us a few days ago and he and Aalya have been competeing over who can flip the most tanks in a battle

Rex: Hah that's nothing!

CT-1409: it really is.

Wolffe: whom the fuck?

CT-1409: It was Crafts' Day yesterday. 25 Jedi cadets who are still working on their Force levetating.

Rex: Who are you and how did you get into this chat?

CT-1409: With paint. Apparently glitter has been banned from the Archives for the past 147 years due to The Glitter Incident, its use by jedi cadets is restricted to particular rooms in the temple. It was wonderful. It was also Very Messy.

COdy: Rex, Keelie, who is this?

Rex: You think all CTs know each other Commander? Really??

CT-1409: Truely sir

Fox: Echo.

CT-1409: yes sir!

Fox: Echo what are you doing in our chat?

CT-1409: SIr Sargent Byte said I should work on the offensive side of cyber security sir.

Wolffe: Fox who the fuck is this

Fox: hush. So you decided to do this?

CT1409: I have been told to hush sir

Fox: Do I need to come over there you little shit?

CT-1409: Commander Thorn dared me sir.

Fox: I'm beginning to understand why Byte laughed when someone said you're the one with impulse control

CT-1409: That would be Cutup and Hevy sir

Fox: guys this is Echo. He's part of Domino squad they got assigned to the archives a while back, we've run into each other a couple times

Bly: and you decided, on a dare, to hack into our hyper-secured chat to test your slicing skills

CT-2010: He did sir

several people are typing...

What if Shaak Ti, in stopping the Kaminoans from decommissioning clones, asks around if anybody has place and purpose for some non-combatant clones. And Jocasta Nu goes "A bunch of keen young men with eidetic memories? Don't mind if I do" and that is how the Jedi temple library has the most amazing librarians in the galaxy

Okay but - 

Domino fails their final test, but Shaak manages to stop them from being decommissioned or sent to work sanitation by roping Jocasta into snatching them up for that reason. All the members of Domino kind of collectively groan and complain but ship out anyway, and they’re pretty sure it’s all going to be this terrible, boring slog through ancient books with some stuffy librarian Jedi - 

Right up until Jocasta gets word of a cache of Jedi holocrons on a frontline planet, packs up her five new assistants and her lightsaber, and leads them on the most greuling, dangerous, ridiculous mission through active battlefields and Separatist camps that absolutely no one believes happened when they tell their vode later. Which is absolutely fine, because Domino now knows they have the most badass general in the whole galaxy, bar none.