
Using Machine Learning to Detect Command Line Anomalies

As we all know, cybersecurity is often a game of cat and mouse: attackers are always trying to outsmart us defenders. At Adobe, we face the same issues and concerns as all the other major companies. We must ask ourselves simple questions with non-simple answers: How do we ensure that all assets are protected? How do we ensure that our employees are secure from outside threats? How can we mitigate future emerging threats? Attackers will always try to find the next unconventional attack that will bypass our security systems and our security mindset. In this case, how do we protect ourselves from the unknown? We believe machine learning techniques can assist us in this defense.

This presentation will discuss one of our current machine learning innovations that is helping us detect anomalies in command lines. Command line interfaces are frequently used by users, system administrators and applications alike. Many applications launch console scripts to perform tasks, especially in cloud services where conformity in service environments is also helpful for security. When they can, attackers like to leverage those native system capabilities. This presentation will discuss machine learning methods developed by Adobe computer scientists to help detect anomalies in command line scripts and calls to help prevent these types of attacks.
Recorded Nov 13 2018 52 mins
Presented by
Andrei Cotaie and Tiberiu Boros of Adobe
  • Cloud Security Must: Ensuring Least Privilege Dec 17 2020 5:00 pm UTC 60 mins
    Josh Kirkwood, Solutions Engineering Manager, CyberArk
    The principle of least privilege access – in which all human and machine identities should have only the permissions essential to perform their intended function – is a cloud security best practice promoted by cloud providers like Azure, GCP and leading industry frameworks like MITRE ATT&CK and Cloud Security Alliance’s Cloud Controls Matrix. In this webinar, attendees will learn about the risks of overly broad permissions and how to address them.

    What you’ll walk away with:

    - Discover the role of excessive permissions in data breaches
    - Learn best practices for identifying and remediating excessive permissions in cloud environments
    - Explore free and open source tools to gain visibility across multiple cloud environments
    - Develop a plan to continuously verify least privilege and meet regulatory + Industry compliance objectives
  • Navigating Through the Pandemic: A MAVCOM's Cloud Journey Dec 16 2020 3:45 am UTC 45 mins
    Ts. Saiful Bakhtiar OSMAN & Soumo MUKHERJEE
    Navigating Through the Pandemic: A MAVCOM's Cloud Journey
    Ts. Saiful Bakhtiar OSMAN (Head of ICT, Malaysian Aviation Commission)

    Protecting the Cloud - New Approach
    Soumo MUKHERJEE (Head of Strategy & Architecture - Cyber Security, Petronas)
  • The Rush to Cloud Adoption - Watch Your Steps Dec 16 2020 2:45 am UTC 45 mins
    Moderator: Dr. Hing-Yan LEE, Panelists: FONG Choong Fook, Ser Yoong GOH, Victor LO, Philip VICTOR
    Panel Discussion

    The global pandemic and the associated lockdown in many countries have been an inflexion point in the adoption of cloud computing; we have observed increased usage and adoption. The increased usage as well as new cloud adoption during the current crisis is a positive outcome of the lockdown. The distinguished panel will offer their views and perspectives.
  • Cloud Adoption - Cybersecurity Opportunity, Threats and Practices Dec 16 2020 2:00 am UTC 30 mins
    Ser Yoong GOH (President, ISACA Malaysia Chapter)
    The current COVID19 pandemic outbreak has arguably been a wakeup call for most organizations that faced increasing difficulties operating from the traditional on-premise model. Many organizations might not have been aware that they have been directly or indirectly accessing a wide variety of cloud computing services, with services such as Microsoft O365, emerging technologies such as Internet of Things (IoT) and practices such as big data analytics. As another example, the release last year of the Risk Management in Technology (RMiT) guidelines by Malaysia's central bank has arguably spurred disruption that led to more rapid digital transformation, which includes the movement to the cloud within the financial services industry. Based on the guidelines' recommendation, financial institutions could adopt cloud services as long as they have performed a comprehensive risk assessment prior to the adoption.

    This presentation will deliver awareness of cloud security by covering some of the common cloud risks and potential challenges faced with cloud adoption. It will also share appropriate security controls, from both management and assurance perspectives, that organizations should consider when moving to the cloud.
  • Cloud Security Landscape: Challenges & it's Possible Solutions Dec 16 2020 1:00 am UTC 45 mins
    Sureen SUBRAMANIAN, Dr. Hing-Yan LEE, Dato' Dr. Haji Amirudin bin Abdul WAHAD
    Sureen SUBRAMANIAN (Chairman, Protem Committee, CSA Malaysia Chapter)

    Welcome Remarks
    Dr. Hing-Yan LEE (EVP APAC, CSA)

    Opening Keynote - Cloud Security Landscape: Challenges & it's Possible Solutions
    Dato' Dr. Haji Amirudin bin Abdul WAHAD (CEO, Cyber Security Malaysia)

    The topic will cover the current digital landscape, in which the population is now highly connected and, due to the global Covid-19 pandemic, interconnectivity is also increasing exponentially. It also relates to the convergence of technologies, which adds more complexity to cyberspace. This complexity has created a lot of concern about the risk to users, organizations and industries. Apart from that, it has also created opportunities for unscrupulous persons to conduct illegal activities, scams, Denial of Service (DoS) attacks and disruption of businesses online. Over the years, a lot of viruses and malware have created problems and disruption not only at the personal level but also for giant corporations and nations.

    The presentation also includes cloud security precautionary measures on how to overcome the security and privacy challenges. Like any other digital technology, cloud computing is also vulnerable and open to cyber abuses and cyber threats, which are quite rampant in some parts of the world. Another issue would be about policies governing the usage of cloud computing when the server is based abroad and could only be accessed by a few for importing of data domestically. There could be some legal ramifications on such matters.
  • Working From Home: NSFW Dec 15 2020 6:00 pm UTC 60 mins
    Etay Maor, CSO, IntSights
    The biggest shift due to COVID-19 was the immediate move of the workforce to the “home office.” But the "home office" is really just your home environment and your organization’s computer. This leaves employees vulnerable without the comprehensive cyber defense protocols corporate office networks provide. Threat actors have identified this and are actively taking advantage of the situation.

    In this session, we will cover the various attacks targeting the “home office,” how attackers can easily collect data about their targets, and what type of data cybercriminals have been selling in underground forums in the past year.
  • Five Lean Principles of Collaboration for Enhanced Product Security Dec 10 2020 5:00 pm UTC 60 mins
    Sandhya Narayan, Principal Program Manager, Adobe
    Engage early, engage often. Continuously delivering products with enhanced security capabilities in a cross-functional, multi-platform environment is no easy task; it takes a lot of commitment to collaborate and communicate on the part of every individual involved throughout the development process, especially when working with globally dispersed teams. To overcome these challenges, organizations should leverage five principles of collaboration to help their security and compliance teams collaborate more effectively and efficiently with their product development and operations teams. By adhering to these collaboration principles, organizations can improve efficiencies throughout their products and services while keeping their internal stakeholders happy.

    Join Sandhya Narayan, Principal Program Manager at Adobe, as she discusses these principles and how Adobe applies them to improve collaboration between their security, engineering, and operations teams throughout the company.
  • Driving a Stake in the Heart of the 2020 Beast Dec 9 2020 7:00 pm UTC 60 mins
    Jim Reavis, CEO, Cloud Security Alliance
    In this CloudBytes webinar, Cloud Security Alliance CEO Jim Reavis will go into a hypnotic trance and summon otherworldly forces to banish 2020 and all of its evil incarnations into an endless pit of fire, freeing humanity from its evil clutches. Jim will also review the current state of cybersecurity, how the industry has coped with the unexpected events, how cloud has functioned, how businesses are pivoting and what meaningful lessons we take from the year.
  • Cloud Security Threat Landscape in the New Normal Dec 9 2020 5:15 am UTC 60 mins
    Budi Hermawan, Hana ABRIYANSYAH, Andri PURNOMO, Fransiskus INDROMOJO, Muhammad SUHADA, Densi REFWALU
    Panel Discussion : Cloud Security Threat Landscape in the New Normal
    The pandemic has accelerated the digital transformation initiatives of many organizations in Indonesia. Local companies jumped to the cloud with survival response as the prime consideration. Join our fellow panelists in this panel discussion on the business impact of the top threats on the Cloud. We will also discuss the cloud-security-first mindset and how CSA can help the industries in Indonesia in their cloud security journey.

    Moderator: Budi Hermawan (Education Director, CSA Indonesia Chapter)
    Hana ABRIYANSYAH (CISO of Midtrans and VP of Information Security at GO-JEK)
    Andri PURNOMO (VP IT Security, Dana Indonesia)
    Fransiskus INDROMOJO (Senior Technical Specialist, Microsoft Indonesia)
    Muhammad SUHADA (VP Information Technology, PT Blue Bird Tbk)

    Closing Remarks
    Densi REFWALU (Marketing Director, CSA Indonesia Chapter)
  • Threat Intelligence and Cyber Incidents Exchange Dec 9 2020 4:30 am UTC 30 mins
    Setiaji (Head Of Department at ICT - Digital Services of West Java Province)
    CSA Indonesia Virtual Summit 2020
  • Which Threat Intel Should we be Aware of? Dec 9 2020 3:45 am UTC 30 mins
    Rudi LUMANTO (Chairman, Cyber Security Incident and Resilience Team of Indonesia)
    Cyber Threat Intelligence (CTI) is cyber threat knowledge or information that is expected to help implement more effective security controls and provide us with various advantages in building a safe cyber environment. Organizations then become more proactive rather than reactive to cyber attacks, and they are also quicker to mitigate risks and respond to incidents. However, with the rapid development of cyberspace and our entry into the industrial era 4.0, threat information has become abundant, and the biggest challenge for CTI is to provide the right information at the right time, so that it will not only help technically but also be useful in decision-making. CTI that only provides non-selective information will eventually become regular news that will not have an impact on increasing cybersecurity awareness. This presentation tries to provide some information on CTI in Indonesia and see whether or not it is effective in bringing awareness to the public or its decision makers. Which threat intel can make us more concerned about our cyber situation?
  • Key Principles and Strategies for Securing the Enterprise Cloud Dec 9 2020 3:00 am UTC 30 mins
    Edwin LIM (Country Director, Fortinet Indonesia)
    (The presentation is in Bahasa Indonesia)

    Customers are turning to the cloud to reduce capital expenses and increase agility as part of their digital innovation (DI) initiatives. Despite the benefits, cloud migration results in business-critical data and services being scattered across clouds and data centers. This leads to an expanded attack surface and a corresponding increase in security risk.
    Some organizations are unknowingly stumbling into a new security paradigm: the shared responsibility model, a model that is built on the assumption that the cloud infrastructure will be secured by cloud providers, while security for services used in the cloud is the responsibility of the organization.
    The Fortinet Security Fabric was purpose-built to close these cloud-driven security gaps through native integration with public cloud infrastructures, a broad set of security services and products, and cross-cloud security management, automation, and analytics.
  • Introduction, Welcome Remarks & Opening Keynote Dec 9 2020 2:00 am UTC 45 mins
    Faisal YAHYA, Dr. Hing-Yan LEE, Semeul Abrijani PANGERAPAN
    CSA Indonesia Virtual Summit 2020

    Faisal YAHYA (Chairman, CSA Indonesia Chapter)

    Welcome Message
    Dr. Hing-Yan LEE (EVP APAC, CSA)

    Cloud Computing & Cloud Security Landscape in Indonesia: Challenges & it's Possible Solutions
    Semeul Abrijani PANGERAPAN (Director General of ICT Applications, Ministry of Communication and Information Technology, Indonesia)
  • The Security Automation Stack Dec 8 2020 6:00 pm UTC 43 mins
    Vinay Venkataraghavan, Technical Director, Office of the CTO - Prisma Cloud, Palo Alto Networks
    Infrastructure as Code and Security Automation for Container Native Applications

    Competition and the pursuit for business superiority is shortening product to market cycles, requiring enterprises to reevaluate current application architectures. It doesn’t take long to come to the conclusion that the “right” solution requires embarking on a journey of digital transformation, involving the rapid adoption of the cloud, containers, microservices and devops processes. However, the combination of deploying container native applications at scale, as immutable infrastructure and frequent deploy and tear down cycles, has required DevOps to automate all aspects of the infrastructure as well as security.

    In this talk we introduce the “Cloud Security Automation Stack”, which is a framework for representing all aspects of infrastructure and security as code, coupled with automation, applied throughout the build, deploy and run phases. In this manner DevOps and Security teams leverage automation and infrastructure as code with security natively injected at the appropriate points, in order to secure critical cloud native assets. Additionally, in this talk we will demo the adoption of the Cloud Security Automation Stack to comprehensively secure microservices running as containers on the Kubernetes platform.
  • Weathering the Storm: Immune System Technology for Cloud & SaaS Dec 3 2020 6:00 pm UTC 60 mins
    Nabil Zoldjalali, Director of Cloud Security, Darktrace
    As workforces look to remain remote for the long term, the cloud has become ubiquitous. Yet human security professionals relying only on conventional security tools continue to struggle to secure the complexity of today’s hybrid and multi-cloud topologies - in fact, only 22% of organizations feel they have adequate visibility into their cloud applications and infrastructure.

    Businesses are increasingly turning to AI as a uniquely dynamic solution to detect and defend from novel threats that emerge on cloud and SaaS environments – which the global workforce continues to rely on in today’s remote working landscape.

    Discussion will include exploration of the latest cloud and SaaS real-world threat trends including:
    - A malicious file download in Box.com
    - Crypto-mining malware inadvertently installed
    - Developer misuse of AWS cloud infrastructure
  • Best Practices for Implementing a Secure DevOps Toolchain Dec 1 2020 6:00 pm UTC 60 mins
    Randy Franklin, VP and Market GM, and William Kokolis, DevOps Practice Lead, Terazo & Bryan Jones, Solutions Architect, Cloud
    Shifting security left empowers DevOps teams to create secure software and infrastructure by giving them the tools and indicators to detect and mitigate potential security problems prior to release. Learn how your DevOps teams can take ownership of your security posture by implementing gating functions that prevent insecure software from being promoted to production.

    Join this webinar, as Terazo covers the governance and technical aspects of implementing DevSecOps. They will discuss the stages and actions they take to improve the resiliency of software development and delivery, including:

    Continuous Integration
    ● Developer Training
    ● Static/Dynamic Application Security Testing
    ● Software Composition Analysis

    Continuous Deployment
    ● Infrastructure Provisioning
    ● Secrets Management

    Continuous Configuration Automation
    ● Automated Release Automation
    ● Configuration State Reporting

    Continuous Monitoring
    ● Penetration testing
    ● Runtime Application Protection

    This webinar will include a demonstration of integrating a cloud security platform into a CI/CD pipeline.
  • Journey to Cloud Adoption Recorded: Nov 25 2020 32 mins
    Ou PHANNARITH, Mok KHEMERA, Dr. Hing-Yan LEE, Nipaul LONG
    Panel Discussion

    Moderator: Ou PHANNARITH (Director of ICT Security, MPTC, Cambodia)

    Panelists:
    Mok KHEMERA (Director of E-Government)
    Dr. Hing-Yan LEE (EVP, CSA APAC)
    Nipaul LONG (CTO, PlasGate Co., Ltd.)
  • Securing the Cloud via CCSK Recorded: Nov 25 2020 21 mins
    Ekta MISHRA (APAC Membership Director & Country Manager - India)
    Securing the Cloud via CCSK
  • Cloud Security 101 Recorded: Nov 25 2020 25 mins
    Sarbojit M BOSE (Education Director, CSA Singapore Chapter & CCSK Instructor)
    Cloud Security 101
  • ICT Development in Cambodia Recorded: Nov 25 2020 17 mins
    Mok KHEMERA (Director of E-Government, Ministry of Post and Telecommunications, Cambodia)
    ICT Development in Cambodia
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. It also allows audience members the opportunity to earn (ISC)2 CPE Credits.

Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

  • Title: Using Machine Learning to Detect Command Line Anomalies
  • Live at: Nov 13 2018 5:00 pm
  • Presented by: Andrei Cotaie and Tiberiu Boros of Adobe