Machine learning is the use of artificial intelligence (AI) to help security systems process vast amounts of data and learn from that data. Machine learning involves access to large quantities of data — often far more than the 90 days worth of security logs held in SIEM systems — and advanced mathematical theory employed by data scientists and other professionals. This is an advanced toolset used in security, and it looks for the patterns and outliers that identify security issues not readily visible through other tools or by other professionals, such as threat hunters. Patterns can be identified and defenses can be put up across the security infrastructure for more proactive threat prevention.
↑