I was reading about how Carbon Black, an endpoint detection and response (EDR) service, was exposing customer data via a 3rd party API service they were using. The endpoint detection and response provider allows customers to optionally scan system and program files using the VirusTotal service. Carbon Black did not realize that premium subscribers of the VirusTotal service get access to the submitted files, allowing a company or government agency with premium access to VirusTotal's application programming interface (API) to mine those files for sensitive data. It provides a pretty scary glimpse at the future of privacy and security in a world of 3rd party APIs if we don't think deeply about the solutions we bake into our applications and services. Each API we bake into our applications should always be scrutinized for privacy and security concerns, making sure end-users aren't being subjected to unnecessary situations.

Artificial intelligence (AI) and machine learning (ML) have been marketed as game-changing technologies amid the climbing number of breaches, increased prevalence of non-malware attacks and the waning efficacy of legacy antivirus (AV). Yet doubts still persist, especially when they're used in siloes. For now, it appears to be a fledgling space. According to Carbon Black's Behind the Hype report on the subject, nearly two-thirds (64%) of security researchers said they've seen an increase in non-malware attacks since the beginning of 2016; and, the vast majority (93%) of security researchers said non-malware attacks pose more of a business risk than commodity malware attacks. This group of attacks include remote logins (55%); WMI-based attacks (41%); in-memory attacks (39%); PowerShell-based attacks (34%); and attacks leveraging Office macros (31%).

The research, which Carbon Black says looked "Beyond the Hype" found that the roles of AI and ML in preventing cyber-attacks have been met with both hope and skepticism. The vast majority (93 percent) of the 400 security researchers interviewed while conducting this research said non-malware attacks pose more of a business risk than commodity malware attacks, and more importantly that these are often not stopped by traditional anti-virus offerings. Mike Viscuso, co-founder and CTO of Carbon Black told SC Media UK: "Researchers have reported seeing an increase in the number, and sophistication, of non-malware attacks. These attacks are specifically designed to evade file-based prevention mechanisms and leverage native operating system tools to keep attackers under the radar." One respondent explained: "Most users seem to be familiar with the idea that their computer or network may have accidentally become infected with a virus, but rarely consider a person who is actually attacking them in a more proactive and targeted manner."

AI is helping cybersecurity but researchers are warning about over-promising. Cybersecurity pros shouldn't rely on artificial intelligence and machine learning just yet, according to a new report. The report from security firm Carbon Black, which surveyed 410 cybersecurity researchers and 74 percent said that AI-driven security solutions are flawed, citing "high false-positive rates", while 70 percent claimed attackers can bypass machine learning techniques. The respondents did not write off AI or machine learning as unhelpful but rather said that they just aren't there yet and cannot be solely relied on to make big decisions when it comes to security. AI and machine learning should be used "primarily to assist and augment human decision making," said the report.

The output of this task is a series of predictions about binaries' potential maliciousness and relationships to known malware families. These predictions are validated against outside intelligence.