Kumar Sharad, Sr. Threat Researcher, and Abhinav Mishra, Principal Applied Scientist, explain the motivation and goals for ML-based detection in ESCU, highlighting the benefits of using pre-trained models over live-trained models. Then they dive into a specific example of how Splunk is using Deep Learning to detect suspiciously named processes and how to deploy it using the Splunk App for Data Science and Deep Learning (DSDL). Finally, they touch on how this comes together in ESCU and discuss additional resources.
Watch this tech talk to learn:
How to leverage Deep Learning models to detect suspiciously named processes
The design of an RNN-based character-level model at the heart of the detection
How to use the pre-trained model via the DSDL app
Tech Talk part I: