“You Don’t Do That Usually”: Detecting Anomalies in AWS IAM User Activity
Introduction Users may perform thousands of actions (events) per day in their Amazon Web Services (AWS) environments. This generates a […]
LOLBins (living off the land binaries) are executable files that are already present in the user environment, LOLBins (living off […]
Hundreds of millions of events. Tens of thousands of triggered rules. A thousand incidents. Every week. That is the reality of the modern cyber threat landscape and the sheer volume of alerts that the Sophos MTR […]
The SophosAI team develops numerous machine learning models that get integrated directly into our products. Currently we have more than 30 models deployed […]
Previously in the ELI10 series, we went over our detector of malicious web content based on URLs: a lightweight deep […]
Introduction At Sophos we take a neural network approach to detecting previously unseen malicious and derogatory URLs. We use a […]
Introduction On any given day that we are happily browsing the Web, we are stomping around on a minefield. Malware […]
Introduction The machine learning-based detection technologies we build at Sophos AI rely on many information sources, including binary programs, system […]
Introduction In the last blog post (linked here for anyone who missed it), I explained what catastrophic forgetting is and […]
Here at the Sophos AI team, our most common goal is to develop deep learning models that inspect a file […]