Articles by Hyrum Anderson

This first post of two motivates the "why" and explores the "how" behind malware prevention via supervised machine learning in Elastic Endpoint Security.


Extending EMBER

Today, we’d like to announce a new release of EMBER (Endgame Malware BEnchmark for Research), our open source benchmark dataset.

Openness and transparency are adjectives to which our community should aspire. But, where’s the bright line that one shouldn’t cross?

Presenting a powerful technique to detect domains created by domain generation algorithms (DGAs) that performs far better than “state-of-the-art” methods.

Machine learning is a fashionable buzzword right now in infosec, and is often referenced as the key to next-gen, signature-less security. But along with all of...