Machine learning solutions that are currently marketed are not specific to the business, its infrastructure needs or the security team's requirements. Several products offer machine learning capabilities that improve the efficiency of one specific task within that product. These capabilities enhance the respective product or feature in the cybersecurity defensive and offensive arsenal, but tailoring a solution to a specific environment requires significant effort to be effective.
At IARM, we design and build tailor-made machine learning solutions for preventing security attacks, forensic evidence, user behaviour analysis, detecting malicious activity, VPN access tracking, etc.
IARM uses Python data science and machine learning modules to review logs from data sources, perform cleansing and feature extraction, and vectorize categorical data so that machine learning algorithms specific to the use case can be applied. If customers have sufficient labelled data to create a deployment-ready trained ML model, we use classification methods or neural networks. In most cases, however, customers have data that is not labelled as malicious or abnormal; in such cases we use clustering anomaly detection methods such as KNN or DBSCAN to create labelled data. Once the labelled data has been created, we deploy the relevant machine learning models to meet customer objectives. Our machine learning solution uses Elasticsearch to store and search the data, along with the Kibana dashboard to visualize it and provide in-depth data analytics.
A Government of India enterprise which produces thermal power and fossil fuels has chosen IARM to analyse its Fortinet VPN access by profiling users and to provide user-specific anomaly detection.
IARM uses Logstash and Elasticsearch to collect, store and analyze the logs and to extract features. Categorical data is then converted into vectors and clustered, labels are applied, and the labelled data is used to train the neural network model.
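The vectorize, cluster and label steps described above, as an added example that is not IARM's code: VPN sessions are one-hot encoded per user, clustered with a small pure-Python DBSCAN, and the noise points become the "anomalous" labels a later supervised model would train on. The session fields, the work/night hour bucket and the `eps`/`min_pts` values are assumptions, and the sample sessions are constructed.

```python
from math import dist

# Constructed sample sessions (not real Fortinet output): user, country, hour, client OS
SESSIONS = [
    ("asha", "IN", 9, "windows"), ("asha", "IN", 10, "windows"), ("asha", "IN", 14, "windows"),
    ("asha", "IN", 16, "windows"), ("asha", "IN", 23, "windows"), ("asha", "DE", 3, "linux"),
    ("ravi", "IN", 9, "android"), ("ravi", "IN", 12, "android"), ("ravi", "IN", 13, "android"),
    ("ravi", "IN", 18, "android"), ("ravi", "SG", 11, "windows"),
]

def features(session):
    """Feature extraction: keep the categorical fields and bucket the login hour."""
    _, country, hour, client = session
    return (country, "work" if 8 <= hour < 20 else "night", client)

def one_hot(rows):
    """Vectorize categorical rows: one 0/1 slot per (column, value) pair seen."""
    vocab = sorted({(c, v) for r in rows for c, v in enumerate(r)})
    return [[float(r[c] == v) for c, v in vocab] for r in rows]

def dbscan(points, eps, min_pts):
    """Minimal DBSCAN: returns one cluster id per point, -1 for noise."""
    def near(i):
        return [j for j, q in enumerate(points) if dist(points[i], q) <= eps]
    labels, cluster = [None] * len(points), -1
    for i in range(len(points)):
        if labels[i] is not None:
            continue
        seeds = near(i)
        if len(seeds) < min_pts:
            labels[i] = -1  # noise, unless a later cluster claims it as a border point
            continue
        cluster += 1
        while seeds:
            j = seeds.pop()
            if labels[j] in (None, -1):
                unvisited = labels[j] is None
                labels[j] = cluster
                if unvisited and len(near(j)) >= min_pts:
                    seeds.extend(near(j))  # core point: keep expanding the cluster
    return labels

def label_sessions(sessions, eps=1.5, min_pts=3):
    """Cluster each user's sessions on their own; DBSCAN noise is labelled anomalous."""
    out = []
    for user in sorted({s[0] for s in sessions}):
        rows = [s for s in sessions if s[0] == user]
        ids = dbscan(one_hot([features(r) for r in rows]), eps, min_pts)
        out += [(r, "anomalous" if c == -1 else "normal") for r, c in zip(rows, ids)]
    return out
```

With `eps=1.5`, a session that differs from a user's usual profile in one attribute (distance √2) still joins the cluster, while one that differs in two or more is left as noise and labelled anomalous.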