Splunk Tech Talks
Deep-dives for technical practitioners.

ML in Security: Suspiciously Named Processes

WhitneySink
Splunk Employee


Kumar Sharad, Sr. Threat Researcher, and Abhinav Mishra, Principal Applied Scientist, explain the motivation and goals for ML-based detection in ESCU, highlighting the benefits of using pre-trained models over live-trained models. Then they dive into a specific example of how Splunk is using Deep Learning to detect suspiciously named processes and how to deploy it using the Splunk App for Data Science and Deep Learning (DSDL). Finally, they touch on how this comes together in ESCU and discuss additional resources.

Watch this tech talk to learn:

  • How to leverage Deep Learning models to detect suspiciously named processes
  • The design of an RNN-based character-level model at the heart of the detection
  • How to use the pre-trained model via the DSDL app

Watch now!
