OXFORD, U.K. — Novembro 4, 2021 —

Sophos, a global leader in next-generation cybersecurity, today announced that SophosAI team members are presenting innovative security machine learning research at three industry events in November, including CAMLIS, the NVIDIA GTC conference and Black Hat Europe.

“At SophosAI, we believe progress in machine learning for information security is as much about transparency and clear communication as it is about experimentation and technology. In short, we progress, and better fulfill our moral mission to protect people, when we share results and ideas across the boundaries of institutions and enterprise. In support of this vision, we are presenting SophosAI’s work at six talks across three different conferences in November,” said Josh Saxe, chief scientist, Sophos. “These talks are all either invited sessions or peer-reviewed conference paper presentations, validating the soundness and merit of our team’s work. We hope that other teams benefit from our openness, address our weaknesses, and build on our strengths, so that we better advance the efficacy of artificial intelligence in defending cybersecurity.”

The SophosAI Session Line-up  

CAMLIS

Thursday, Nov. 4, 2021, at 4:05 pm to 4:55 pm ET

SOREL-20M: A Large Scale Benchmark Dataset for Malicious PE Detection

Richard Harang and Ethan Rudd, former data scientists at Sophos

Harang and Rudd will present work developed while they were research scientists at Sophos, describing Sophos and ReversingLabs’ SOREL-20M benchmark dataset. SOREL-20M is a milestone in the cybersecurity, because for the first time, it provides researchers with an industrial scale malware and benign ware research dataset for prototyping machine learning malware detection and classification technologies.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Bad Neighborhoods – Learning Malicious Infrastructure at Internet Scale

Tamas Voros and Konstantin Berlin, data scientists, Sophos, Joshua Saxe, chief scientist, Sophos, and Rich Harang, former data scientist, Sophos

Voros, with Saxe, Berlin and Harang, is presenting research on risk-mapping the IPv4 address space. Voros is showing how creative representations of IPv4 addresses and creative neural representations can help neural networks trained on malicious and benign IP addresses to assign risk to previously unseen IP addresses. He is also discussing how IPv4 risk assignment can significantly boost detection accuracy when incorporated into larger cyberattack detection pipelines.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Using Undocumented Hardware Performance Counters to Detect Spectre-Style Attacks 

Harini Kannan, data scientist, and Nick Gregory, research engineer, Sophos 

Kannan and Gregory’s talk explains how to use undocumented hardware performance counters to detect spectre-style attacks. Exploiting CPU-level bugs is a trend in the security world, and Kannan and Gregory will demonstrate how machine learning can produce generic, implementation independent detectors for these exploits.  

Friday, Nov. 5, 2021, at 3:55 pm to 4:40 pm ET

Improving Analyst Workflow Using Event Clustering

Awalin Sopan, principal software engineer, Sophos

Sopan is presenting her research and development work around data visualization supporting security machine learning operations. Her work powers SophosAI’s ability to monitor dozens of security machine learning models in the field.

More information on SophosAI’s four presentations is available at CAMLIS’ online schedule.

NVIDIA GTC

Wednesday, Nov. 10, 2021, at 9 am to 9:50 am ET

Operationalizing Cybersecurity Machine Learning Models at a Large Data Science-Focused Security Vendor (Sophos)

Joshua Saxe, chief scientist, Sophos

Saxe is a featured speaker alongside industry leaders Nir Zurk, chief technology officer, Palo Alto Networks, and Gera Dorfman, vice president of Network Security, Checkpoint Software Technologies. Saxe is showcasing how SophosAI operates a machine learning portfolio that defends tens of millions of devices from cyberattack. He is also discussing SophosAI’s research, development and operational practices and technologies.

Black Hat Europe

Thursday, Nov. 11, 2021, at 10:20 am to 11 am ET (virtual)

No More Secret Sauce! How we can Power Real Security Machine Learning Progress Through Open Algorithms and Benchmarks

Joshua Saxe, chief scientist, Sophos

In this talk, Saxe is making the case for open science in security machine learning, arguing that for too long security machine learning has lacked public benchmark datasets and open publishing practices. Saxe is proposing a set of steps that the artificial intelligence community needs to take to make progress against the hardest cybersecurity challenges.

For interviews with SophosAI’s experts or more information about the six talks, please contact: sophos@marchcomms.com.

Sobre a Sophos

A Sophos é líder mundial em soluções inovadoras e avançadas em segurança que defendem contra ataques cibernéticos, incluindo o serviço MDR (Managed Detection and Response) e serviços de resposta a incidentes, além de um amplo portfólio de tecnologias de segurança de endpoint, rede, e-mail e nuvem. Uma das maiores provedoras globais pure-play de segurança cibernética, a Sophos se incumbe da defesa de mais de 600.000 organizações e de mais de 100 milhões de usuários contra adversários ativos, ransomwares, phishing, malwares e outros ataques. Os produtos e serviços da Sophos são interconectados através do painel de gerenciamento do Sophos Central e administrados pelo Sophos X-Ops, a unidade de inteligência de ameaças da empresa que oferece abrangência entre domínios. A inteligência do Sophos X-Ops otimiza todo o ecossistema de segurança cibernética adaptativa da Sophos, que inclui um Data Lake centralizado que se utiliza de um rico acervo de APIs abertas disponíveis para clientes, parceiros, desenvolvedores e outros fornecedores de cibersegurança e tecnologia da informação. A Sophos oferece Cybersecurity as a Service para as organizações que necessitam de soluções de segurança gerenciada. O cliente também pode gerenciar a sua própria segurança cibernética, utilizando a plataforma de operações de segurança da Sophos, ou operar seguindo uma abordagem híbrida para complementar suas equipes internas com os serviços da Sophos, como a caça e remediação de ameaças. A venda de produtos e serviços da Sophos é feita por parceiros revendedores e provedores de serviços gerenciados (MSP) em todo o mundo. A Sophos está sediada em Oxford, no Reino Unido. Mais informações se encontram disponíveis no site www.sophos.com.