Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI sells.
The abstract states: “Security and risk management technical professionals are flooded with artificial intelligence and machine learning marketing from vendors. This research explores real-world examples to assess the effectiveness of AI and ML approaches in improving security posture.”
Some of my favorite quotes are below:
- “Gartner clients should focus on improved outcomes and specific use cases when evaluating the suitability of ML-based security tools. ML approaches are most suitable in situations where traditional methods are intractable, inefficient or simply impossible, and where relevant data of high quality is sufficiently available.”
- “SaaS tool vendors and service providers that can harness data from many clients are expected to pull ahead of their security ML competitors, since their algorithms will be trained on a diverse and expanding set of security scenarios.”
- “Judging an ML tool by its algorithms is akin to judging software by its programming language.” <- yes, we have pithy quotes! This one I think was made by Anna.
- “Does “artificial intelligence” automatically mean “better product” today in security? Frankly, no.”
- “Some examples of unintentionally unhelpful descriptions of ML-based security products include: […] Cool-sounding, but niche, language. Some vendors will use very domain-specific terminology when they engage with you. “Ontologies,” “knowledge representations” and “ensemble learning” are all real, powerful and very cool ideas, but they don’t help you decide if the product you are considering will meet your needs.”
Past blogs announcing papers:
- Our “Applying Network-Centric Approaches for Threat Detection and Response” Paper Publishes
- Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes
- All My Research Published in 2018
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.