The Role of Machine Learning in Network Traffic Analysis
Network Traffic Analysis (NTA) is a critical component of a detection and response security strategy. It provides necessary visibility of north/south and east/west traffic. NTA uses a combination of methods—rules and signatures, advanced analytics, and machine learning to identify suspicious activity on enterprise networks. Machine Learning (ML) based Anomaly Detection is a core approach for analyzing traffic to determine anomalous activity that rule-based approaches are likely to miss. With ever increasing stealth, speed, and scale of cyberattacks, it makes sense for cybersecurity teams to use ML-based detections as part of their overall defense.
In this webinar, we’ll examine:
- What capabilities should be included in a Network Traffic Analysis solution?
- What is Machine Learning and what role it can play in NTA?
- How to apply Machine Learning to detect anomalous behavior? We will focus on Insider Threat and Lateral Movement as two examples.