Much of today’s security is reactive and far too slow. As the volume and complexity of endpoint attacks have continued to grow, legacy approaches have struggled to keep pace. For example, SophosLabs analyzes over 400,000 new malware samples every day. To make meeting this challenge even more difficult, SophosLabs found that 75 percent of malware is unique to a single organization.
Seeing the Future through Intercept X Deep Learning
Deep learning, an advanced form of machine learning, is helping to change the way we approach endpoint security, and Intercept X is leading the charge. By integrating deep learning, Intercept X is changing endpoint security from a reactive to a predictive approach to protect against unknown threats.
While many products claim to use machine learning, not all machine learning is created equal. At Sophos, deep learning is used to detect malware. Also referred to as ‘deep learning neural networks’ or ‘neural networks’, deep learning was inspired by the way the human brain works. It is the same type of machine learning often used for facial recognition, natural language processing, self-driving cars, and other advanced fields of computer science and research.
Deep learning has consistently outperformed other machine learning models, including random forest, k-means clustering, or Bayesian networks, but requires vast amounts of data and computational power to build an effective model. This has been made simple thanks to the malware collection and analysis efforts of SophosLabs over the past 30 years and the telemetry that is received from the 100+ million endpoints every single day.
Intercept X Deep Learning
Deep learning has several inherent benefits compared to other types of machine learning commonly used in endpoint security:
Smarter: Deep learning models process data through multiple analysis layers, just like neurons in the human brain, each layer making the model considerably more powerful. It analyzes complex relationships between different input features. This allows it to automatically uncover the best combination and manipulation of inputs that would otherwise be impossible for humans to determine. This means that the Sophos deep learning malware detection model will be able to detect malware that would go unnoticed by other machine learning engines.
More Scalable: Deep learning elegantly scales to hundreds of millions of training samples. This is important considering that SophosLabs analyzes 2.8 million new malware samples every week. Because it can continue to ingest massive amounts of training data, our model can ‘memorize’ the entire observable threat landscape as part of its training process. Since it can process significantly more input, deep learning can more accurately predict threats today while continuing to stay up-to-date over time.
Lighter: Traditional machine learning approaches result in huge model sizes, which can sometimes take many gigabytes on disk. However, Sophos’ deep learning approach results in highly compressed models. The Sophos deep learning model is incredibly small, less than 20MB on the endpoint, with almost zero impact on performance.