True AI/ML vs. Glorified Signature-Based Solutions

Once again, the RSA conference is fast approaching, and that means it's time for the latest round of security buzzword bingo. To be sure, artificial intelligence (AI) and machine learning (ML) will be everywhere at the show. You can be certain that the halls at Moscone will be packed full of vendors pitching new security offerings that claim to use AI/ML, and there will be a glut of competitive messaging at all the other security shows, as some vendors seek to further confuse the marketplace. But the fact is, what they want to sell you are merely tools that use technology loosely based on the tenets of AI/ML, but are actually nothing more than repackaged offerings that rely on glorified signature-based security strategies. The technology the majority of these vendors are developing is basically the same type of stuff that emerged in the 1970's, and that companies were clamoring about back in the 1980's – versions of'expert systems' that have not proven to be very useful in most cases, and led to the long AI/ML winter from which we have only recently emerged.