Humans are relatively predictable creatures. We tend to work from the same computers, at the same times, from the same places. However, our boring routines can actually provide useful baselines when it comes to risk detection and breach prevention.
By flagging access attempts that diverge drastically from historical patterns, security teams can accelerate their detection of insider threats and of risk more broadly. Anomaly detection is definitely not a cure-all, but with an understanding of machine learning basics and of how to leverage strange or unusual events, it can be a very effective control for mitigating risk.
In this talk, Ted Kietzman from the Duo Security Product team will cover some traditional algorithms used to highlight anomalies and how they can be improved or specialized. He’ll also cover the application of anomaly detection to access management and a few concrete examples of how and where security teams can leverage anomalies to remediate threats and harden defenses over time.
Swing by if you’re interested in: data science fundamentals, anomaly detection, access management, access policy, phishing, insider risk, access abuse, risk mitigation.