Anti-Exfil: The Is-Self, Not-Self Solution?
via Karen Hao, writing at MIT's Technology Review magazine, reports on a relatively new-and-novel security product monikered Darktrace.
Here's the quote from the organization's co-CEO Nicole Eagan, describing her company's product:
"It’s very much like the human body’s own immune system," says the company’s co-CEO Nicole Eagan. "As complex as it is, it has this innate sense of what’s self and not self. And when it finds something that doesn’t belong—that’s not self—it has an extremely precise and rapid response." - via a report from Karen Hao, writing at MIT's Technology Review
The description of this product is a nearly perfect example of Security Bloviation - and certainly ranks in the top 5% of bombast relating to a company's solution to a difficult problem.
Predicated on my understanding of this product, that is, the functionality deployed (in the effort to foil exfiltration of sensitive (and otherwise) bits), is all about 'algorithmic-based unsupervised-learning', rather than misplaced New Age conceptual witticism attaching some amorphous cognitive "innate" behavior to an agglomeration of bits.
In reality, the product probably works as advertised, regardless of the questionable description proffered by the 'co-CEO'. For me - and many of my Information Security meatspace colleagues, the question is, how long will the product work (until it-too is gamed by our miscreant adversaries) and with what definable level of efficiency?