A Home Grown Machine Learning Pipeline for the Security Incident Response Team (SIRT)
Security Incident Response Teams (SIRTs) have a blend of infrastructures, disparate logs and data sets, a SIEM, ticketing systems, and a need for analytics to better serve and improve their firm's detective cyber security control posture and incident response capabilities. The goals discussed are an analytics platform that is robust, stable, compliant, version controlled and automated, so that analytics can be deployed to better serve SIRTs' missions. An additional use case, implementing a machine learning application and API service to predict Domain Generating Algorithms on top of the integrated data science pipeline and platform, is also discussed and used as a reference.
Key Takeaways:
• Implementing data solutions is hard
• Machine learning development should be treated differently from software engineering development
• There are viable implementations of machine learning within the cyber security domain
Brennan is a self-proclaimed data nerd. He has been working in the financial industry for the past 10+ years and is striving to save the world with a little help from our machine friends. He has held cyber security, data scientist, and leadership roles at JP Morgan Chase, the Federal Reserve Bank of New York, Bloomberg, and Goldman Sachs. Brennan holds a master's degree in Business Analytics from New York University and participates in the data science community through his non-profit pro bono work at DataKind and as a co-organizer of the NYU Data Science and Analytics Meetup. Brennan is also an instructor at the New York Data Science Academy and teaches data science courses in R and Python.