As it becomes painfully clear that traditional cybersecurity
solutions leave gaps, however small, that can be successfully
exploited by adversaries, many users take heart when new and
promising security solutions emerge. Technologies such as
heuristics, deep packet inspection or behavioral analysis have
brought hope of better protection in their time. Today, the latest
trend in cybersecurity is artificial intelligence, and specifically
machine learning (ML). The latter has been touted as the new
remedy to security issues. However, a major challenge with ML
is that due to its complexity, it’s difficult for security
professionals to truly evaluate the use and effectiveness of
ML technology in security products. As stated by Dan Ariely,
the James B. Duke Professor of Psychology and Behavioral
Economics at Duke University’s Fuqua School of Business,
"Everyone talks about it, (but) nobody really knows how to do
it. Everyone thinks everyone else is doing it, so everyone claims
they are doing it."

The purpose of this white paper is to help users understand
how CrowdStrike® uses ML to protect endpoints. To get there,
we must first clarify what ML is and how it works. Then we will
describe how CrowdStrike implements ML, specifically in the
area of malware detection. Finally, we will discuss the benefits
and limitations of applying ML in cybersecurity. In the end, the
reader will get a better understanding of ML and how — when
used correctly — it can help defend against cyber threats.

