OXFORD, U.K. — Noviembre 4, 2021 —

Sophos, a global leader in next-generation cybersecurity, today announced that SophosAI team members are presenting innovative security machine learning research at three industry events in November, including CAMLIS, the NVIDIA GTC conference and Black Hat Europe.

“At SophosAI, we believe progress in machine learning for information security is as much about transparency and clear communication as it is about experimentation and technology. In short, we progress, and better fulfill our moral mission to protect people, when we share results and ideas across the boundaries of institutions and enterprise. In support of this vision, we are presenting SophosAI’s work at six talks across three different conferences in November,” said Josh Saxe, chief scientist, Sophos. “These talks are all either invited sessions or peer-reviewed conference paper presentations, validating the soundness and merit of our team’s work. We hope that other teams benefit from our openness, address our weaknesses, and build on our strengths, so that we better advance the efficacy of artificial intelligence in defending cybersecurity.”

The SophosAI Session Line-up  

CAMLIS

Thursday, Nov. 4, 2021, at 4:05 pm to 4:55 pm ET

SOREL-20M: A Large Scale Benchmark Dataset for Malicious PE Detection

Richard Harang and Ethan Rudd, former data scientists at Sophos

Harang and Rudd will present work developed while they were research scientists at Sophos, describing Sophos and ReversingLabs’ SOREL-20M benchmark dataset. SOREL-20M is a milestone in the cybersecurity, because for the first time, it provides researchers with an industrial scale malware and benign ware research dataset for prototyping machine learning malware detection and classification technologies.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Bad Neighborhoods – Learning Malicious Infrastructure at Internet Scale

Tamas Voros and Konstantin Berlin, data scientists, Sophos, Joshua Saxe, chief scientist, Sophos, and Rich Harang, former data scientist, Sophos

Voros, with Saxe, Berlin and Harang, is presenting research on risk-mapping the IPv4 address space. Voros is showing how creative representations of IPv4 addresses and creative neural representations can help neural networks trained on malicious and benign IP addresses to assign risk to previously unseen IP addresses. He is also discussing how IPv4 risk assignment can significantly boost detection accuracy when incorporated into larger cyberattack detection pipelines.

Friday, Nov. 5, 2021, at 2:20 pm to 2:40 pm ET

Using Undocumented Hardware Performance Counters to Detect Spectre-Style Attacks 

Harini Kannan, data scientist, and Nick Gregory, research engineer, Sophos 

Kannan and Gregory’s talk explains how to use undocumented hardware performance counters to detect spectre-style attacks. Exploiting CPU-level bugs is a trend in the security world, and Kannan and Gregory will demonstrate how machine learning can produce generic, implementation independent detectors for these exploits.  

Friday, Nov. 5, 2021, at 3:55 pm to 4:40 pm ET

Improving Analyst Workflow Using Event Clustering

Awalin Sopan, principal software engineer, Sophos

Sopan is presenting her research and development work around data visualization supporting security machine learning operations. Her work powers SophosAI’s ability to monitor dozens of security machine learning models in the field.

More information on SophosAI’s four presentations is available at CAMLIS’ online schedule.

NVIDIA GTC

Wednesday, Nov. 10, 2021, at 9 am to 9:50 am ET

Operationalizing Cybersecurity Machine Learning Models at a Large Data Science-Focused Security Vendor (Sophos)

Joshua Saxe, chief scientist, Sophos

Saxe is a featured speaker alongside industry leaders Nir Zurk, chief technology officer, Palo Alto Networks, and Gera Dorfman, vice president of Network Security, Checkpoint Software Technologies. Saxe is showcasing how SophosAI operates a machine learning portfolio that defends tens of millions of devices from cyberattack. He is also discussing SophosAI’s research, development and operational practices and technologies.

Black Hat Europe

Thursday, Nov. 11, 2021, at 10:20 am to 11 am ET (virtual)

No More Secret Sauce! How we can Power Real Security Machine Learning Progress Through Open Algorithms and Benchmarks

Joshua Saxe, chief scientist, Sophos

In this talk, Saxe is making the case for open science in security machine learning, arguing that for too long security machine learning has lacked public benchmark datasets and open publishing practices. Saxe is proposing a set of steps that the artificial intelligence community needs to take to make progress against the hardest cybersecurity challenges.

For interviews with SophosAI’s experts or more information about the six talks, please contact: sophos@marchcomms.com.

Acerca de Sophos

Sophos es una empresa innovadora y líder mundial de soluciones de ciberseguridad avanzadas, que incluyen servicios de detección y respuesta gestionadas (MDR) y de respuesta a incidentes y un amplio catálogo de tecnologías para endpoint, red, correo electrónico y seguridad en la nube que ayuda a las organizaciones a vencer cualquier ciberataque. Como uno de los mayores proveedores especializados exclusivamente en la ciberseguridad, Sophos protege a más de 500 000 organizaciones y a más de 100 millones de usuarios globalmente de adversarios activos, ransomware, phishing, malware y mucho más. Los servicios y productos de Sophos se conectan a través de su consola de administración de Sophos Central basada en la nube y utilizan Sophos X-Ops, la unidad de información sobre amenazas multidominio de la empresa. La información de Sophos X-Ops optimiza todo el Sophos Adaptive Cybersecurity Ecosystem, que incluye un lago de datos centralizado que se sirve de un completo conjunto de API abiertas disponibles para clientes, partners, desarrolladores y otros proveedores de ciberseguridad y de tecnología de la información. Para las organizaciones que necesitan soluciones de seguridad integrales y totalmente gestionadas, Sophos ofrece la ciberseguridad como servicio. Aunque los clientes también pueden gestionar su ciberseguridad directamente mediante la plataforma de operaciones de seguridad de Sophos o utilizar un enfoque híbrido reforzando sus equipos internos con los servicios de Sophos, que incluyen la búsqueda y remediación de amenazas. Sophos vende a través de partners distribuidores y proveedores de servicios gestionados (MSP) en todo el mundo. Sophos tiene su sede en Oxford, Reino Unido. Encontrará más información en www.sophos.com.