Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI sells.
The abstract states: “Security and risk management technical professionals are flooded with artificial intelligence and machine learning marketing from vendors. This research explores real-world examples to assess the effectiveness of AI and ML approaches in improving security posture.”
Some of my favorite quotes are below:
- “Gartner clients should focus on improved outcomes and specific use cases when evaluating the suitability of ML-based security tools. ML approaches are most suitable in situations where traditional methods are intractable, inefficient or simply impossible, and where relevant data of high quality is sufficiently available.”
- “SaaS tool vendors and service providers that can harness data from many clients are expected to pull ahead of their security ML competitors, since their algorithms will be trained on a diverse and expanding set of security scenarios.”
- “Judging an ML tool by its algorithms is akin to judging software by its programming language.” <- yes, we have pithy quotes! This one I think was made by Anna.
- “Does “artificial intelligence” automatically mean “better product” today in security? Frankly, no.”
- “Some examples of unintentionally unhelpful descriptions of ML-based security products include: […] Cool-sounding, but niche, language. Some vendors will use very domain-specific terminology when they engage with you. “Ontologies,” “knowledge representations” and “ensemble learning” are all real, powerful and very cool ideas, but they don’t help you decide if the product you are considering will meet your needs.”
Past blogs announcing papers:
- Our “Applying Network-Centric Approaches for Threat Detection and Response” Paper Publishes
- Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes
- All My Research Published in 2018
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.