Organizations are struggling to keep up with the constantly shifting landscape of attacks that are being launched against them. While there is no shortage of solutions being offered in the market today, many are relatively narrow with regard to the specific problem they solve. Of course, having an arsenal of such solutions necessitates having a larger and more experienced security staff to handle them.
Network security company SlashNext has put forth a new, “third-generation” approach called the Active Cyber Defense System that goes past reliance upon signatures and sandboxes, leveraging cognitive processing and self-learning capabilities to protect against social engineering, zero-day exploits, malware, ransomware, and advanced persistent threats (APTs).
SlashNext’s founder, Atif Mushtaq, has built quite the reputation for himself working extensively with law enforcement agencies to take down some of the world’s biggest malware networks including the Rustock, Srizbi, Pushdo and Grum botnets. He most recently spent 9 years at FireEye as a senior scientist helping architect their core malware detection technology.
SlashNext just announced that it has closed a $9 million Series A round led by Norwest Venture Partners and Wing Venture Capital. Board members Promod Haque of Norwest Venture Partners and Gaurav Garg of Wing Venture Capital have an interesting history working together as well; back in the day, both decided to take a bet on a then-tiny startup called FireEye by investing in its Series A round. FireEye, as we all now know, turned out to be a huge success when it went for a 5 billion dollar IPO in 2013.
At a recent event, ITSPmagazine was able to sit down with the SlashNext team to discuss some of the more interesting aspects of their solution. Where many machine learning startups use analytics to monitor user or entity behavior as an indication of risky/malicious behavior or some sort of infection, SlashNext gets ahead of the threat by actively seeking out the malicious servers to gain deep insight into the attacker’s security posture and identify their next move before they make it. One could almost look at this aspect as “Attacker Behavior Analytics” instead of “User Behavior Analytics.”
Another novelty of SlashNext’s technology is that it uses advanced artificial intelligence to automate the mind of a security researcher. Time and again human beings find evidence of attacks that technology solutions miss. Humans—both friend and foe—rely on knowledge, skill, and intuition. So it only makes sense that if we could electronically synthesize these aspects, our technological solutions would be that much better. In fact, SlashNext started out as an AI project where, in a eureka moment, its founder had a revelation.
“Why not try to reverse engineer and automate my own ‘self’ to build a robo-researcher that can analyze cyber attacks exactly the way I do it manually?” said Atif Mushtaq, SlashNext’s CEO.
SlashNext applied this model to achieve the automation of a researcher’s mind using a specialized form of Artificial Intelligence called Progressive Learning. Progressive Learning derives its feature sets and reasoning through dynamically-curated dictionaries, allowing the system to detect zero-day attacks as efficiently as older, well-known attacks. Just like a human, the system can self-learn at runtime without the need for any manual intervention, thereby continuously improving its range of knowledge and automated analysis capabilities.
By definition, security analytics based on conventional machine learning presents probabilistic rather than deterministic outcomes—which is why many organizations have found products relying on this to be somewhat frustrating to incorporate into their workflows. More often than not, their personnel spend their precious time chasing down leads that don’t equate to actionable threats. In contrast, SlashNext delivers a definitive verdict – “Malicious” or “Not Malicious” – so the security team knows exactly what to spend their time on—and why.
SlashNext is confident they’ve cracked the code that allows them to deliver on the promise often held up for machine learning-fueled analytics. Giving organizations clear, actionable alerts with precise, definitive outcomes is their goal. Their recent funding event should help ensure that goal is met.