The Role of Machine Learning in Network Traffic Analysis

Abstract

Network Traffic Analysis (NTA) is a critical component of a detection and response security strategy. It provides necessary visibility of north/south and east/west traffic. NTA uses a combination of methods—rules and signatures, advanced analytics, and machine learning to identify suspicious activity on enterprise networks. Machine Learning (ML) based Anomaly Detection is a core approach for analyzing traffic to determine anomalous activity that rule-based approaches are likely to miss. With ever increasing stealth, speed, and scale of cyberattacks, it makes sense for cybersecurity teams to use ML-based detections as part of their overall defense.

In this webinar, we’ll examine:

  • What capabilities should be included in a Network Traffic Analysis solution?
  • What is Machine Learning and what role it can play in NTA?
  • How to apply Machine Learning to detect anomalous behavior? We will focus on Insider Threat and Lateral Movement as two examples.
Browse all Webinars