Automated Prevention of Ransomware with Machine Learning and GPOs


This talk will highlight a signature-less method for detecting malicious behavior before the ransomware payload is delivered and can infect the machine. The ML-driven detection method is coupled with the automated generation of a Group Policy Object (GPO). In this way we demonstrate an automated way to take action and create a policy based on IOCs detected in a zero-day exploit pattern.

Rod Soto
Principal Security Research Engineer, Splunk

Joseph Zadeh
Senior Data Scientist, Splunk
