
Revolutionizing Malware Detection with Machine Learning

March 13, 2025

Free the CISO, a podcast series that attempts to free CISOs from their shackles so they can focus on securing their organization, is produced by CIO.com in partnership with DataBee®, from Comcast Technology Solutions.

In each episode, Robin Das, Executive Director at Comcast under the DataBee team, explores the CISO’s role through the position’s relationship with other security stakeholders, from regulators and the Board of Directors to internal personnel and outside vendors.

BluVector: Revolutionizing Malware Detection with Machine Learning

In the ever-evolving landscape of cybersecurity, the need for advanced malware detection technologies has never been more critical. Enter BluVector, by Comcast, an innovative network detection and response solution designed to address the growing demand for file-based malware detection that doesn't rely on pre-existing knowledge of signatures or patterns.

Let's delve into the origins, current capabilities, and the impact of BluVector on the cybersecurity industry.

BluVector’s Origin Story

BluVector was born out of a pressing need from customers for a robust malware detection capability that could operate independently of traditional signature-based methods. Traditional antivirus solutions often fall short when it comes to detecting new and sophisticated malware, because they rely heavily on known signatures and patterns: a signature is an exact match, so any repacking or re-encoding of a file that changes the matched bytes defeats it. BluVector was developed to help bridge this gap, providing a proactive approach to malware detection.

Over a decade of evolution…

Today, BluVector stands as a testament to over a decade of research and development in feature and classifier engineering. By leveraging a vast collection of training data, BluVector has honed its ability to detect both highly targeted advanced malware and new obfuscation techniques that are commonly used to bypass signature-based systems.

One of the standout features of BluVector is its patented approach to retraining its machine learning models. Retraining happens on the customer's own installation, so detection keeps improving without any private data or files being sent to the vendor. Beyond the privacy benefit, each installation ends up with a model tailored to its own environment, which makes the detection capability difficult for adversaries to test against: there is no single vendor model an attacker can obtain and tune a sample against until it passes.

BluVector is a comprehensive solution that integrates detailed network telemetry, network detection rules, and file analysis through signature, rule, and machine learning engines. This integration empowers analysts by providing intelligent summaries and correlations around every event, enabling them to make informed decisions with far more data than traditional systems offer.

Today’s BluVector: a stronger security posture

Through a decade of sustained research, Comcast's BluVector has developed detection technologies that complement traditional signatures with machine learning models that are retrained over time. This next-generation security analytic is at the forefront of detecting file-based malware designed to evade antivirus software, mask malicious behaviors in sandbox environments, and subvert traditional network defenses.

Advanced malware can linger undetected for months or even years before being identified and submitted to antivirus vendors for signature creation. Most security tools rely on signatures and Indicators of Compromise (IOCs) from threat feed providers, which are often outdated and only cover known threats. BluVector machine learning models, however, use properties of both malicious and benign files to construct detection models that identify both known and previously unseen malware across networks, cloud environments, and virtual infrastructures.

By expanding detection beyond signatures and threat feeds, BluVector enables organizations to proactively defend against advanced persistent threats, unknown malware, ransomware, and other dangerous tools used by sophisticated adversaries. BluVector classifiers have been trained with a data corpus of over 55 million file samples over the past decade, enabling robust and accurate detection capabilities.

BluVector Machine Learning Engine (MLE) is a patented, supervised machine learning engine (U.S. Patent 9,665,713), developed and refined over 10 years to accurately identify zero-day and polymorphic malware in files. The in-situ retraining capability (U.S. Patent 10,121,108) allows for automated, isolated tailoring of MLE classifier models to specific installations without sending any data to BluVector, so customer files and the models derived from them stay on the customer's own system.
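The two paragraphs above describe the approach in general terms: a supervised classifier learns from properties of malicious and benign files rather than from exact byte patterns, and the model is then retrained on-site. The script below is an added toy illustration of that idea, written for this page; it is not BluVector code, and its feature set (byte entropy, printable fraction, an archive-magic flag), its from-scratch logistic regression and all of its "malware", "documents" and "backups" are constructed stand-ins generated in-line from a seeded random source. It shows three things: a signature lifted from one sample misses the same payload re-encoded with a new key while the classifier still flags it; a model trained only on the vendor-style corpus mislabels a site's encrypted backups; and continuing training locally on site-labelled samples fixes that without any file leaving the site.

```python
"""Toy illustration (not BluVector code): signature matching vs. a supervised
file classifier on byte-level features, plus local ("in-situ") retraining.

Every sample below is constructed in-line with a seeded RNG, so the script is
deterministic and runs offline."""
import math
import random

rng = random.Random(7)          # seeded so every run produces the same samples
ARCHIVE_MAGIC = b"PK\x03\x04"   # zip local-file header; an assumed, toy feature


# ---- constructed corpus ---------------------------------------------------
def make_text_doc(n_words=400):
    """Benign stand-in: low-entropy, fully printable business text."""
    vocab = [b"invoice", b"total", b"customer", b"address", b"order",
             b"date", b"thank", b"you", b"quantity", b"unit", b"price"]
    return b" ".join(rng.choice(vocab) for _ in range(n_words))


def make_payload(n=2000):
    """Stand-in for a packed/encrypted malicious stage: random-looking bytes."""
    return bytes(rng.getrandbits(8) for _ in range(n))


def pack(payload, key):
    """Malicious stand-in: a tiny stub plus the payload XOR-encoded with one byte.
    A new key changes every byte (breaking exact-match signatures) but leaves the
    byte statistics the classifier looks at essentially unchanged."""
    return b"STUB" + bytes(b ^ key for b in payload)


def make_encrypted_backup(n=2000):
    """Benign but high-entropy: an encrypted archive such as a site might produce."""
    return ARCHIVE_MAGIC + bytes(rng.getrandbits(8) for _ in range(n))


# ---- features and classifier ----------------------------------------------
def features(data):
    """[bias, Shannon entropy scaled to 0..1, printable fraction, archive-magic flag].
    Real engines use far richer feature sets; these three are only illustrative."""
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    entropy = -sum(c / n * math.log2(c / n) for c in counts if c)
    printable = sum(1 for b in data if 32 <= b < 127) / n
    magic = 1.0 if data.startswith(ARCHIVE_MAGIC) else 0.0
    return [1.0, entropy / 8.0, printable, magic]


def train(samples, epochs=5000, lr=0.8, init=None):
    """Logistic regression by batch gradient descent. `samples` holds
    (feature_vector, label) pairs with label 1 = malicious, 0 = benign.
    Passing `init` continues training from existing weights."""
    w = list(init) if init is not None else [0.0] * 4
    for _ in range(epochs):
        grad = [0.0] * 4
        for x, y in samples:
            z = max(-30.0, min(30.0, sum(wi * xi for wi, xi in zip(w, x))))
            p = 1.0 / (1.0 + math.exp(-z))
            for i in range(4):
                grad[i] += (p - y) * x[i]
        w = [wi - lr * g / len(samples) for wi, g in zip(w, grad)]
    return w


def classify(w, data):
    """1 = malicious, 0 = benign."""
    return 1 if sum(wi * xi for wi, xi in zip(w, features(data))) > 0 else 0


def matches_signature(signature, data):
    return signature in data


# ---- 1. vendor-style corpus: documents vs. packed samples -----------------
texts = [make_text_doc() for _ in range(8)]
packed = [pack(make_payload(), k)
          for k in (0x11, 0x23, 0x3F, 0x58, 0x6A, 0x7D, 0xA2, 0xC4)]
global_training = ([(features(d), 0) for d in texts]
                   + [(features(d), 1) for d in packed])
global_model = train(global_training)

stage2 = make_payload()
malware_a = pack(stage2, 0x41)   # the sample a signature was written from
signature = malware_a[100:116]   # 16 bytes lifted from that known sample
malware_b = pack(stage2, 0x9C)   # same payload, new key: a "polymorphic" variant

# ---- 2. in-situ retraining on locally labelled samples --------------------
backups = [make_encrypted_backup() for _ in range(6)]
# Assumption for the toy: the shipped training examples are replayed next to the
# local ones so the model does not forget them. Nothing here leaves the site.
local_training = (global_training
                  + [(features(d), 0) for d in backups]   # site-labelled benign
                  + [(features(malware_b), 1)])           # a local detection
local_model = train(local_training, init=global_model)

if __name__ == "__main__":
    print("signature hits a:", matches_signature(signature, malware_a),
          " hits b:", matches_signature(signature, malware_b))
    print("global model on variant b:", classify(global_model, malware_b))
    print("global model on backup:", classify(global_model, backups[0]),
          " local model on backup:", classify(local_model, backups[0]))
```

Two caveats a practitioner would want before reading too much into this. First, the feature that rescues the backups here (the archive header) is attacker-controlled: once the local model learns that archive magic means benign, prepending four bytes becomes an evasion, so site-specific retraining trades false positives for whatever the local labels teach. Second, the local labels are the attack surface of in-situ retraining: a sample an operator marks benign in error, or that an intruder arranges to have marked benign, is learned just as faithfully as a correct one, so label review and rollback of local models matter as much as the retraining itself.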

Success Stories: Meeting Diverse Customer Needs

BluVector has proven its value to a diverse range of customers. For sophisticated clients with an array of security tools, BluVector fills a critical detection gap by identifying malware faster than traditional signatures and heuristics. That gap is as real today as it was a decade ago, because obfuscating a file enough to defeat an exact-match signature remains trivial for malware authors.

For companies with a Security Operations Center (SOC) but without a mature Security Information and Event Management (SIEM) practice, BluVector simplifies the work of combining network telemetry and metadata with Network Detection and Response (NDR) events. The detailed metadata and network telemetry BluVector attaches to each event help analysts understand what happened, enabling faster and more confident quarantine and remediation decisions.

To sum up, BluVector by Comcast represents a significant leap forward in malware detection technology. By leveraging advanced machine learning models and innovative retraining methods, BluVector offers advanced protection against both known and unknown threats, empowering organizations to be proactive in the ever-evolving cybersecurity landscape.
