We’re building the next wave of tools and methodologies to help security and operations teams detect, understand, and respond to advanced cybersecurity threats and attacks on their infrastructure and in the cloud, with automated threat detection, investigation, and deflection capabilities.
Tools + code
Kestrel Threat Hunting Language
The Kestrel threat hunting language provides an abstraction that lets threat hunters focus on developing high-value, composable threat hypotheses instead of on the specific realization of hypothesis testing against heterogeneous data sources, threat intelligence, and public or proprietary analytics.
SysFlow is a system telemetry framework that enables the creation of security analytics on a scalable, common open-source platform. The backbone of the telemetry pipeline is a compact open data format that lifts the representation of system activities into a flow-centric, object-relational model; this reduces event fatigue and is particularly suitable for cloud-wide monitoring, stream analytics, and forensic investigation.
ART: Adversarial Robustness Toolbox
A Python library for machine learning security that enables developers and researchers to defend and evaluate machine learning models and applications against the adversarial threats of evasion, poisoning, extraction, and inference.
Tech Preview: IBM Security Threat Investigator
Our team's work has been developed into a beta capability for the IBM Cloud Pak for Security. Threat Investigator finds cases that warrant an investigation and automatically starts investigating. It fetches the artifacts attached to the cases, completes several rounds of data mining, and then generates a timeline and a MITRE ATT&CK chain graph of the incident.
Ryan Christian, Sharmishtha Dutta, et al. (2021). ACM CCS 2021
Daniel Bauer, Florian Froese, et al. (2021). Big Data Research
Frederico Araujo, Sailik Sengupta, et al. (2021). HICSS 2021
Teryl Taylor, Frederico Araujo, et al. (2020). Big Data 2020
Frederico Araujo, Teryl Taylor (2020). ESEC/FSE 2020
Jialong Zhang, Zhongshu Gu, et al. (2020). DSN 2020