We know that effectively investigating data from a system can help detect malicious attempts and better understand the context behind past incidents. Several monitoring solutions exist to detect potential anomalies and malfunctions. Too often, these systems report too much information, making it more difficult to detect incidents.
This research paper presents a solution based on a more intuitive user interface combined with Machine Learning predictions. This solution, which is called SMS-I (Security Management Solutions-Investigation), is an investigation tool that works as a fully automated decision support mechanism. SMS-I collects information about alerts and events, and at the same time produces incident probabilities through Machine Learning models.
This confirms two certainties we have at Malizen: cyber analysts need help to process the amount of information coming from different detection and monitoring solutions, and dataviz associated with Machine Learning could be the winning combo!