We recently launched SnortML – our new machine learning exploit detection engine designed to detect novel attacks fitting known vulnerability types.
Now, we have released a SnortML training video featuring Cisco Talos security researcher (and SnortML developer) Brandon Stultz. This video covers how SnortML addresses the zero-day problem, the vulnerability classes it is currently trained on, and a dive into neural networks.
The training concludes with a model development lab where you will see Brandon create a new model to detect a SQL injection attack.
We hope you enjoy this training and are able to develop a good understanding of SnortML’s capabilities. We look forward to hearing your use cases for the models you create based on SnortML.
You can find the SnortML and LibML code on GitHub. You can also join the conversation on our Discord or on the Snort users mailing list if you have any questions or feedback.