As cyber security analysts, our job can be challenging. We often face a never-ending backlog of threat intelligence reports, which leaves little time for actual analysis. Manual processing of these reports is time-consuming and can be overwhelming, detracting from the value-adding aspects of our job.
Elemendar’s READ. platform offers a solution. It uses natural language processing and graph-based machine learning to automate the processing of threat intelligence reports, generating STIX graphs that are easily analysed by existing tools. This not only saves analysts time, but also improves the accuracy and completeness of the processed data.
This year, we at Elemendar continued our collaboration with the Laboratory for Analytic Sciences (LAS) to evaluate the impact of AI-powered augmentation tools like READ. on cyber security analysts. We ran a series of workshops in which expert analysts were divided into groups: some used the ML-powered READ. platform while others worked manually.
The results were promising. Analysts using the AI-powered platform were able to process reports more efficiently and effectively, resulting in improved situational awareness and faster decision-making. However, the workshops also highlighted the inherent scepticism of analysts towards artificial intelligence.
In collaboration with LAS, we have focused on increasing the trust and transparency of our machine learning models. This includes implementing mechanisms for making the inner workings of our models more explainable, such as visible confidence scores.
If you’re a cyber security expert interested in the application of AI in the industry, be sure to check out our previous blog post on confidence, or watch the short video recapping our research with LAS this year, which we presented at last week’s symposium in North Carolina.