Could AI/Machine Learning stop attacks like Petya, NOPetya, WannaCry?
WannaCry, Petya/NOPetya cyberattacks, cybercrime, ransomware cyberthreats, virus are some of the buzzwords that were at its peak till last week as shown on Google trends. While some experts are predicting this a role play for something “BIG” to come, the firms, government, institutions, organizations, hospitals are looking for measures to protect themselves against the next attack. Could they?
The famous quote by Callimachus is worth remembering here –
Set a thief to catch a thief!
There are ideally two ways to help your firm against these attacks. One was to gear up your resources and train them to be ethical hackers if you missed our last post on How Testers need to be ethical hackers do read it here. The next innovative way is to use technology against these attacks by using Artificial Intelligence and Machine Learning as surveillance tools and guard systems against any immoral activities. If you are keen to know how? Let’s dive in to find out–
How Could Artificial Intelligence and Machine Learning Stop Cyberthreats?
According to Gartner Research, the total market for all security will surpass $100B in 2019. As the world welcomes AI and ML with open hands, the technologies are sure to make an impact on cyber security. AI and ML are capable of predicting, preventing breaches at all level of software architecture making it just the perfect choice to detect anomalies.As per Cylance report – With efficacy rates at 99%, artificial intelligence and machine learning applied at the endpoint protects at levels never before seen.
AI- ML as a Surveillance Tool
It’s a tedious and mundane job for a human to scrutinize the logs and look for any suspicious activity, however with an AI-powered tool checking of logs and pointing to something random or susceptible would be an easy job. Just, for example, multiple logins across various devices from the same IP or someone with brute force is attempting to get into the system. These kinds of anomalies could be pointed out by an AI-powered system which then could be taken by a human to decide if it’s legitimate or illegitimate attempt.
As per Wired News – A system called AI2, developed at MIT’s Computer Science and Artificial Intelligence Laboratory, reviews data from tens of millions of log lines each day and pinpoints anything suspicious. A human takes it from there, checking for signs of a breach. The one-two punch identifies 86 percent of attacks while sparing analysts the tedium of chasing bogus leads.
Another Finnish Firm F-secure is combining the power of humans and machines in providing the best cyber security solutions to its clients. The most important factor in cyber security is time, as once the systems are breached the response needs to be immediate. For most the firms, it takes months to discover the breach itself, leave the response. Hence F-secure are offering solutions that could perform behavioral analytics using Machine learning and highlights the breach and anomalies in a real-time basis.
AI-ML - Predict, Analyse, and Act
An innovative way to predict cyber threats in modern times is via cyber security analytics. The analytics helps in getting insights about a “probable planned attack” before it happens. Once that data is gathered it’s time to act and prevent systems from Data Theft, Fraud or Data Deletion.
A firm LogRhythm with its solution offers Threat Lifecycle Management, Behaviour Analytics, Network, Endpoint, and Cybercrime detection, which is based on Artificial Intelligence and Machine Learning. In fact, Bill Taylor-Mountford, Vice President of LogRhythm, describes cybersecurity analytics as an “a smart machine that is always watching the data in your company. A machine that can filter out the white noise and look for the ones with unusual blips on the screen, the one browsing outside of their baseline.” Once the white noise is filtered out, it would be easy for Analysts to act and take preventive actions against cyber threats.
The combination of maths and science has the power to predict and stop threats like WannaCry, Petya, but does the firms trust their capabilities? Only time will tell, but cyber security solutions powered by AI and ML are indeed simple, scalable silent and efficient enough! It’s worth trying… Would you?
LIKE THIS POST SHARE IT WITH YOUR FRIENDS
Benefits of Automation Testing with CloudQA
Fast track your ecommerce monitoring
How could Service Virtualization enhance your Agile Testing Strategy?
How could Service Virtualization enhance your Agile Testing Strategy?
How often you push your “Phone Updates” to a later date as an update install means your phone would not be available to work. Even though the updates just take a couple of minutes, but in a fast-paced world where a minute delay could mean a lot, non-availability of services for a fraction of seconds frustrate you.
Often the similar situation is faced by a Tester/QA while performing his daily testing jobs – environments are not up, dependencies are ambiguous, developers/business users need the SIT environment and ‘n’ number of such reasons.
That’s where Service Virtualization comes into the picture!
In fact, Service Virtualization is all about continuity and boosting agility!
What is Service Virtualization?
Service Virtualization in laymen terms is providing services in a virtual manner. Just like on the internet you have virtual friends, virtual classroom or virtual 3D view of an art gallery, in a similar fashion the services exist for a tester/QA to test, but are not the real services.
Service Virtualization by its means simplifies the issues faced by a Service-Oriented Architecture [SOA] testing strategy. By providing a virtual set-up of services, it speeds up the testing and development process.
A quick example that I could think of is “market data” provided by Bloomberg, Reuters, ACTIVE, WOMBAT that is the lifeline of many investment firms. But for a tester to test the market data scenarios they are connected either with a simulator or a different service that stores the recorded data [ a replica of live data].
By connecting to a virtual service, testing is continuous, and the live environment does not get affected.
How Service Virtualization Could Enhance Agile Testing
Technology is making things simpler for the end users, but complexity is hidden beneath under wraps giving a tough time to developers and testers. Be it chatbots, Pokemon Go or a virtual reality venture showcasing you hotel suites from your living room, the building/testing of tools and apps is not simple enough. To streamline the testing/developing process service virtualization when combined with #Agile becomes handy –
- Get Continuous – Bid goodbye to delays and waiting time for services from production, DevOps could now leverage virtual services and boost continuous testing.
- Integration is Seamless – With virtual services present at your disposal, integration testing is just a matter of connection and few clicks.
- Real Time Analysis – With virtual services, the analysis could be done real time helping in finding issues at an early stage.
- Cost Efficient – With increased complexity of components, simulating them for development/testing environment could be a risky affair. Service virtualization helps in reducing that cost but still provides the benefit of a real-life scenario.
- Enables Parallel Testing – With virtual services, testers/QA could test the pre-prod/UAT environment in parallel accelerating time-to-market and providing a quality software.
- Competitive Advantage – With Service Virtualization firms could process parallel development, quick fixes and boost quality that provides an added benefit when compared to companies following the linear development strategy.
- Good fit to ever changing requirements – In agile when requirements are ever-evolving, virtual services with their flexibility and easy-to-use parameters helps in maintaining the continuity and still follow the Agile process.
- Collaborate, Share and Grow – With multiple teams working on the assets, it gets tough to share the resources in Agile, but service virtualization facilitates on-demand access to resources anytime to any group.
- Test anytime – With virtual services you can test anytime, be it functional, integration or performance testing.
As in our last post, we saw “ The Best Practices of Continuous Agile Testing” we know continuity is the key for any software/tool to survive. With service virtualization, we are a step closer to make it continuous agile and quality-assured!