OXFORD, U.K. — Novembre 4, 2021 —

Sophos, a global leader in next-generation cybersecurity, today announced that SophosAI team members are presenting innovative security machine learning research at three industry events in November, including CAMLIS, the NVIDIA GTC conference and Black Hat Europe.

“At SophosAI, we believe progress in machine learning for information security is as much about transparency and clear communication as it is about experimentation and technology. In short, we progress, and better fulfill our moral mission to protect people, when we share results and ideas across the boundaries of institutions and enterprise. In support of this vision, we are presenting SophosAI’s work at six talks across three different conferences in November,” said Josh Saxe, chief scientist, Sophos. “These talks are all either invited sessions or peer-reviewed conference paper presentations, validating the soundness and merit of our team’s work. We hope that other teams benefit from our openness, address our weaknesses, and build on our strengths, so that we better advance the efficacy of artificial intelligence in defending cybersecurity.”

The SophosAI Session Line-up  

CAMLIS

Thursday, Nov. 4, 2021, at 4:05 pm to 4:55 pm ET

SOREL-20M: A Large Scale Benchmark Dataset for Malicious PE Detection

Richard Harang and Ethan Rudd, former data scientists at Sophos

Harang and Rudd will present work developed while they were research scientists at Sophos, describing Sophos and ReversingLabs’ SOREL-20M benchmark dataset. SOREL-20M is a milestone in the cybersecurity, because for the first time, it provides researchers with an industrial scale malware and benign ware research dataset for prototyping machine learning malware detection and classification technologies.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Bad Neighborhoods – Learning Malicious Infrastructure at Internet Scale

Tamas Voros and Konstantin Berlin, data scientists, Sophos, Joshua Saxe, chief scientist, Sophos, and Rich Harang, former data scientist, Sophos

Voros, with Saxe, Berlin and Harang, is presenting research on risk-mapping the IPv4 address space. Voros is showing how creative representations of IPv4 addresses and creative neural representations can help neural networks trained on malicious and benign IP addresses to assign risk to previously unseen IP addresses. He is also discussing how IPv4 risk assignment can significantly boost detection accuracy when incorporated into larger cyberattack detection pipelines.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Using Undocumented Hardware Performance Counters to Detect Spectre-Style Attacks 

Harini Kannan, data scientist, and Nick Gregory, research engineer, Sophos 

Kannan and Gregory’s talk explains how to use undocumented hardware performance counters to detect spectre-style attacks. Exploiting CPU-level bugs is a trend in the security world, and Kannan and Gregory will demonstrate how machine learning can produce generic, implementation independent detectors for these exploits.  

Friday, Nov. 5, 2021, at 3:55 pm to 4:40 pm ET

Improving Analyst Workflow Using Event Clustering

Awalin Sopan, principal software engineer, Sophos

Sopan is presenting her research and development work around data visualization supporting security machine learning operations. Her work powers SophosAI’s ability to monitor dozens of security machine learning models in the field.

More information on SophosAI’s four presentations is available at CAMLIS’ online schedule.

NVIDIA GTC

Wednesday, Nov. 10, 2021, at 9 am to 9:50 am ET

Operationalizing Cybersecurity Machine Learning Models at a Large Data Science-Focused Security Vendor (Sophos)

Joshua Saxe, chief scientist, Sophos

Saxe is a featured speaker alongside industry leaders Nir Zurk, chief technology officer, Palo Alto Networks, and Gera Dorfman, vice president of Network Security, Checkpoint Software Technologies. Saxe is showcasing how SophosAI operates a machine learning portfolio that defends tens of millions of devices from cyberattack. He is also discussing SophosAI’s research, development and operational practices and technologies.

Black Hat Europe

Thursday, Nov. 11, 2021, at 10:20 am to 11 am ET (virtual)

No More Secret Sauce! How we can Power Real Security Machine Learning Progress Through Open Algorithms and Benchmarks

Joshua Saxe, chief scientist, Sophos

In this talk, Saxe is making the case for open science in security machine learning, arguing that for too long security machine learning has lacked public benchmark datasets and open publishing practices. Saxe is proposing a set of steps that the artificial intelligence community needs to take to make progress against the hardest cybersecurity challenges.

For interviews with SophosAI’s experts or more information about the six talks, please contact: sophos@marchcomms.com.

Informazioni su Sophos

Sophos, leader mondiale e innovatore nelle soluzioni di sicurezza avanzate per neutralizzare i cyberattacchi, tra cui servizi MDR (Managed Detection and Response) e incident response, mette a disposizione delle aziende un’ampia gamma di soluzioni di sicurezza per endpoint, network, email e cloud al fine di supportarle nella lotta ai cyber attacchi. In quanto uno dei principali provider di cybersecurity, Sophos protegge oltre 600.000 realtà e più di 100 milioni di utenti a livello globale da potenziali minacce, ransomware, phishing, malware e altro. I servizi e le soluzioni di Sophos vengono gestiti attraverso la console Sophos Central, basata su cloud, e si incentra su Sophos X-Ops, l'unità di threat intelligence cross-domain dell'azienda. Sophos X-Ops ottimizza l’intero ecosistema adattivo di cybersecurity di Sophos, che include un data lake centralizzato, che si avvale di una ricca serie di API aperti, resi disponibili ai clienti, ai partner, agli sviluppatori e ad altri fornitori di cyber security e information technology. Sophos fornisce cybersecurity as a service alle aziende che necessitano di soluzioni chiavi in mano interamente gestite. I clienti possono scegliere di gestire la propria cybersecurity direttamente con la piattaforma di Sophos per le operazioni di sicurezza o di adottare un approccio ibrido, integrando i propri servizi con quelli di Sophos, come il threat hunting e la remediation. Sophos distribuisce i propri prodotti attraverso partner e fornitori di servizi gestiti (MSP) in tutto il mondo. Sophos ha sede a Oxford, nel Regno Unito. Ulteriori informazioni sono disponibili su www.sophos.it.