Page 58 - Cyber Defense eMagazine April 2023
AI-enabled malware can breach and infect an organization within 45 minutes. No human incident
response team can detect and respond quickly enough. Organizations need tools with purpose-built AI
models looking for specific behaviors. General-purpose AI models do not have the fidelity to detect
different types of intermittent behavior over long periods of time. Behavioral detection should include
building baselines of network traffic, user behavior, and application behavior. The models would then
identify anomalous deviations, alert, and use SOAR (security orchestration, automation, and response)
to command security products to respond using automated playbooks. This reduces the time needed to
detect and respond to an attack from days and weeks to a matter of minutes.
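
The baseline-and-deviation step described above, as an added example that is not from the article or from any vendor product. It builds a per-host baseline of outbound traffic, scores new observations against it, and maps anomalies to a response playbook; the host names, byte counts, thresholds, and playbook names are all constructed or hypothetical.

```python
from statistics import median

# Constructed sample: outbound bytes per hour for two hosts (not real telemetry).
HISTORY = {
    "ws-014": [5200, 4800, 5100, 4950, 5300, 5050, 4900, 5150],
    "db-002": [91000, 88000, 93500, 90200, 89700, 92100, 90800, 91500],
}
# Hypothetical playbook names; a real SOAR platform defines its own.
PLAYBOOKS = {"high": "isolate_host", "medium": "open_ticket"}


def build_baseline(samples):
    """Return (median, MAD) for one host; MAD resists outliers in the training window."""
    med = median(samples)
    mad = median(abs(x - med) for x in samples)
    return med, mad


def robust_z(value, baseline):
    """Distance of a new observation from the baseline, in robust standard units."""
    med, mad = baseline
    # 1.4826 scales MAD to be comparable to a standard deviation for normal data.
    scale = 1.4826 * mad or 1.0  # fall back to 1.0 when the baseline is perfectly flat
    return (value - med) / scale


def evaluate(host, value, baselines, medium=3.5, high=8.0):
    """Score one observation; return an alert dict, or None if it is within baseline."""
    if host not in baselines:
        # A host with no history cannot be scored, so surface it for review.
        return {"host": host, "severity": "medium", "reason": "no baseline",
                "playbook": PLAYBOOKS["medium"]}
    z = robust_z(value, baselines[host])
    if abs(z) < medium:
        return None
    severity = "high" if abs(z) >= high else "medium"
    return {"host": host, "severity": severity, "z": round(z, 1),
            "playbook": PLAYBOOKS[severity]}


BASELINES = {h: build_baseline(s) for h, s in HISTORY.items()}

if __name__ == "__main__":
    for host, value in [("ws-014", 5100), ("ws-014", 48000), ("db-002", 97000)]:
        print(host, value, evaluate(host, value, BASELINES))
```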

Most organizations think that their security architecture is robust enough to combat APTs. Yet,
ransomware is almost 100% successful, which means the most popular firewalls and endpoint protection
are not sufficient to detect and block weaponized AI APTs, let alone go back and detect a breach. The
next state-of-the-art security solutions must be AI-enabled to detect the AI being used against them. The
attackers may currently have the upper hand, but you can start evaluating new, smarter tools to fight back.

About the Author
Guy is Chief Product Officer for Sangfor Technologies. He has
over 20 years’ experience (though some say it is one year’s
experience twenty times) in application and network security,
kicking it off with 10 years in the U.S. Air Force, reaching rank
of captain. After his time in the USAF building the first fiber to
the desktop LAN and other things you would find in Tom
Clancy novels, Guy worked at NGAF, SIEM, WAF and CASB
startups as well as big-name brands like Imperva and Citrix.
He has spoken at numerous conferences around the world
and in people’s living rooms, written articles about the coming Internet Apocalypse, and even managed
to occasionally lead teams that designed and built security stuff. Guy is thrilled to be in his current position
at Sangfor — partly because he was promised there would always be Coke Zero in the breakroom. His
favorite cake is German Chocolate. Guy can be reached online at
https://www.linkedin.com/in/guyrosefelt/ and at Sangfor’s official website: https://www.sangfor.com/.