WEBVTT

1
00:00:13.666 --> 00:00:14.226
I'm Sutanay.

2
00:00:14.416 --> 00:00:15.886
I'm a senior research scientist

3
00:00:15.886 --> 00:00:17.006
at Pacific Northwest

4
00:00:17.006 --> 00:00:18.236
National Laboratory.

5
00:00:18.546 --> 00:00:20.236
We have developed a technology called

6
00:00:20.236 --> 00:00:22.376
StreamWorks, which can find emerging

7
00:00:22.376 --> 00:00:24.436
patterns of behavior in streaming data.

8
00:00:25.256 --> 00:00:26.276
So the problem we are trying

9
00:00:26.276 --> 00:00:28.576
to solve right now is that most

10
00:00:28.576 --> 00:00:29.966
of cyber security works today

11
00:00:29.966 --> 00:00:31.146
in a very reactive fashion.

12
00:00:31.416 --> 00:00:32.256
Something happens,

13
00:00:32.746 --> 00:00:34.486
in the aftermath we try to dig back

14
00:00:34.486 --> 00:00:36.586
into the data and see what happened.

15
00:00:36.926 --> 00:00:38.936
And what you're trying to change is turn

16
00:00:38.936 --> 00:00:40.576
that reactive mode of operation

17
00:00:40.576 --> 00:00:41.696
into a more proactive mode.

18
00:00:42.086 --> 00:00:45.466
We look for patterns of behavior instead

19
00:00:45.466 --> 00:00:46.566
of looking for exact

20
00:00:46.736 --> 00:00:48.226
or all possible ways an attack

21
00:00:48.226 --> 00:00:48.726
can happen.

22
00:00:49.226 --> 00:00:50.936
Every smart attacker tries

23
00:00:50.936 --> 00:00:52.506
to hide their identity,

24
00:00:53.376 --> 00:00:55.656
but even for them changing the patterns

25
00:00:55.656 --> 00:00:56.846
of behavior is difficult.

26
00:00:57.816 --> 00:00:58.896
Our technology comes

27
00:00:58.896 --> 00:01:00.966
with three major benefits, novelty,

28
00:01:01.566 --> 00:01:02.816
that we are trying

29
00:01:02.816 --> 00:01:05.096
to find behavioral patterns instead

30
00:01:05.096 --> 00:01:07.166
of looking for all possible ways an

31
00:01:07.166 --> 00:01:09.676
attack can emerge; efficiency --

32
00:01:10.076 --> 00:01:12.046
we have developed new incremental

33
00:01:12.216 --> 00:01:14.346
algorithms that can only look

34
00:01:14.346 --> 00:01:15.856
at the newest information

35
00:01:16.146 --> 00:01:17.616
and does minimal processing

36
00:01:18.006 --> 00:01:18.926
to be efficient.

37
00:01:19.556 --> 00:01:21.386
We take advantage of parallel computing

38
00:01:21.716 --> 00:01:23.916
to even further achieve scaling.

39
00:01:24.376 --> 00:01:25.716
And third is usability.

40
00:01:27.406 --> 00:01:28.756
We address a major gap

41
00:01:28.756 --> 00:01:29.626
in the market today.

42
00:01:29.836 --> 00:01:31.076
There are streaming technologies

43
00:01:31.156 --> 00:01:31.716
and there are graph

44
00:01:31.716 --> 00:01:32.626
database technologies.

45
00:01:32.796 --> 00:01:35.096
But nobody can perform complex graph

46
00:01:35.096 --> 00:01:36.596
pattern matching in streaming fashion.

47
00:01:36.886 --> 00:01:38.266
That's what StreamWorks does.

48
00:01:38.756 --> 00:01:39.776
Stopping cyber-attacks

49
00:01:39.776 --> 00:01:42.016
in their tracks requires finding complex

50
00:01:42.016 --> 00:01:43.946
patterns of behavior in near real-time

51
00:01:44.326 --> 00:01:45.816
and StreamWorks will do that for you.