Automated Prevention of Ransomware with Machine Learning and GPOs



This talk will highlight a signature-less method for detecting malicious behavior before the ransomware payload is delivered and can infect the machine. The ML-driven detection method is coupled with the automated generation of a Group Policy Object (GPO). In this way we demonstrate an automated way to take action and create a policy based on the IOCs observed in a zero-day exploit pattern.

Participants

Joseph Zadeh
Senior Data Scientist, Splunk

Rod Soto
Principal Security Research Engineer, Splunk

