Role of AI and ML in Endpoint Security


By Enterprise Security Magazine | Tuesday, December 01, 2020


Artificial intelligence and machine learning have reshaped the business world in the last decade, and endpoint security is no exception.

Fremont, CA: Today, conventional approaches to protecting endpoints based on a given device’s hardware characteristics do not deter compromise attempts. To shorten the time it takes to compromise an endpoint and successfully breach networks, bad actors use artificial intelligence (AI) and machine learning (ML) to conduct sophisticated attacks. According to Ponemon, they are down to just 7 minutes after compromising an endpoint to gain access to internal systems and be ready to exfiltrate data. At the operating system level, the era of trusted and untrusted domains and “trust but verify” approaches is over. As a result, spending on security software and services is soaring, as the above market forecasts show.

AI and ML are proving to be effective technologies for combating increasingly automated, well-orchestrated cyberattacks and breach attempts. To thwart endpoint security controls and gain access to enterprise systems with an intensity never seen before, attackers combine AI, ML, bots, and new social engineering techniques. Here are a few advantages of AI and ML in endpoint security:

Measure risk scores: Using ML to derive risk scores based on previous behavioral trends, geolocation, time of login, and many other variables is proving successful in securing and monitoring access to endpoints. The combination of supervised and unsupervised ML to fine-tune risk scores in milliseconds eliminates fraud, prevents attempts to bypass privileged access credentials, and protects every identity on an enterprise's network.
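The risk-score idea described above, as an added example that is not from the original article or any vendor's product: it covers only an unsupervised per-user baseline over two of the listed variables (time of login and geolocation). The login history, function names, spread floors and the 0-100 scaling are all assumptions made for illustration.

```python
import math
from statistics import mean

# Constructed login history for one user: (hour_of_day, latitude, longitude).
HISTORY = [(9, 37.55, -121.99), (10, 37.54, -121.98), (8, 37.56, -122.00),
           (9, 37.55, -121.97), (11, 37.53, -121.99), (10, 37.55, -121.98)]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def hour_gap(h1, h2):
    """Circular distance between two hours, so 23:00 and 01:00 are 2 apart."""
    d = abs(h1 - h2) % 24
    return min(d, 24 - d)

def rms(values):
    """Root-mean-square, used as the typical size of a deviation."""
    return math.sqrt(mean(v * v for v in values))

def build_baseline(history):
    """Summarise past logins: usual hour, usual place, and spread of each."""
    angles = [2 * math.pi * h / 24 for h, _, _ in history]
    hour = (math.atan2(mean(map(math.sin, angles)), mean(map(math.cos, angles)))
            * 24 / (2 * math.pi)) % 24          # circular mean of login hours
    lat, lon = mean(r[1] for r in history), mean(r[2] for r in history)
    # Floors (assumed values) stop a very regular user from making tiny
    # deviations look extreme.
    return {"hour": hour, "lat": lat, "lon": lon,
            "hour_sd": max(rms([hour_gap(h, hour) for h, _, _ in history]), 1.0),
            "km_sd": max(rms([haversine_km(a, o, lat, lon) for _, a, o in history]), 25.0)}

def risk_score(baseline, hour, lat, lon):
    """0-100 score for how far a login sits from the user's baseline."""
    z_hour = hour_gap(hour, baseline["hour"]) / baseline["hour_sd"]
    z_km = haversine_km(lat, lon, baseline["lat"], baseline["lon"]) / baseline["km_sd"]
    z = math.hypot(z_hour, z_km)                # combined deviation
    return round(100 * (1 - math.exp(-(z / 3) ** 2)))

if __name__ == "__main__":
    b = build_baseline(HISTORY)
    for label, login in [("usual", (9, 37.55, -121.98)),
                         ("odd hour", (3, 37.55, -121.98)),
                         ("odd hour, far away", (3, 51.50, -0.12))]:
        print(label, risk_score(b, *login))
```

In a deployment the score would feed a step-up decision such as requiring additional authentication above a threshold, and analyst-labelled outcomes would supply the supervised half the paragraph mentions.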

Improve IT asset management: AI and ML algorithms contribute directly to greater protection by capitalizing on the core capabilities of ML to enhance IT asset management. IT management and protection programs across enterprises continue to become more interconnected, posing new challenges for the management of endpoint security across each…
