Articles by Disha Dasgupta


ProblemChild: Generate alerts to detect living-off-the-land attacks

In this blog post, we walk through our release of a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get your ProblemChild framework up and running in your environment in minutes.


ProblemChild: Detecting living-off-the-land attacks using the Elastic Stack

In this blog, learn how you can use Elastic machine learning to create your own ProblemChild framework to detect living-off-the-land (LOtL) activity in Windows process event data.


Beware Steep Decline: Understanding Model Degradation In Machine Learning Models

Machine learning (ML) models are often designed to make predictions about future data. However, over time many models’ predictive performance decreases as a giv


Opening the machine learning black box with model interpretability

By understanding why a model classifies a binary as benign or malicious, security practitioners are better equipped to remediate an alert.