Our “Assessing the Impact of Machine Learning on Security” Published

Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI sells.

The abstract states: “Security and risk management technical professionals are flooded with artificial intelligence and machine learning marketing from vendors. This research explores real-world examples to assess the effectiveness of AI and ML approaches in improving security posture.”

Some of my favorite quotes are below:

  • “Gartner clients should focus on improved outcomes and specific use cases when evaluating the suitability of ML-based security tools. ML approaches are most suitable in situations where traditional methods are intractable, inefficient or simply impossible, and where relevant data of high quality is sufficiently available.”
  • “SaaS tool vendors and service providers that can harness data from many clients are expected to pull ahead of their security ML competitors, since their algorithms will be trained on a diverse and expanding set of security scenarios.”
  • “Judging an ML tool by its algorithms is akin to judging software by its programming language.” <- yes, we have pithy quotes! This one I think was made by Anna.
  • “Does “artificial intelligence” automatically mean “better product” today in security? Frankly, no.”
  • “Some examples of unintentionally unhelpful descriptions of ML-based security products include: […] Cool-sounding, but niche, language. Some vendors will use very domain-specific terminology when they engage with you. “Ontologies,” “knowledge representations” and “ensemble learning” are all real, powerful and very cool ideas, but they don’t help you decide if the product you are considering will meet your needs.”


As always, PLEASE PROVIDE YOUR FEEDBACK to the paper via

Past blogs announcing papers:

*** This is a Security Bloggers Network syndicated blog from Anton Chuvakin authored by Anton Chuvakin. Read the original post at: