"In this talk, we will discuss detection of three well-defined security problems "adversarial user behavior, lateral movement and insider threat detection" using a relatively untapped data set: shell and session commands. We'll discuss machine learning (ML) techniques needed to analyze this data, present research key findings and describe the effects and mitigations of bias to achieve higher accuracy. Additionally, we will explore techniques for safeguarding ML models based on this data.