How Machine Learning Helps With Web App Security


The percentage of data breaches that used web application attacks has grown rapidly. A new report recommends machine learning tech for web app security testing.

U.S. Web Apps Are Top Target

In Q4 2016, the number of web application attacks grew more than 12% globally. The U.S. remained the most attacked country, with a 72% increase from Q3 2016 to Q4 2016.

Why Hackers Target Web Apps

Hackers exploit web applications because they are usually deployed by users, rather than IT, and are a perfect entry point for accessing a company’s backend systems.

First Level of Expertise to Detect Threats

Level I is based on traditional linear software analysis that can be optimized to quickly detect a long list of vulnerabilities. Although the analysis is fast and runs daily, it produces many false positives.

Second Level of Expertise to Detect Threats

Level II is based on machine learning and provides a deeper analysis to better detect vulnerabilities and reduce false positives. It optimizes the list of vulnerabilities and threats and supports final human interaction.

Third Level of Expertise to Detect Threats

Level III is based on human-augmented analysis. An auditor will finalize the report based on expertise and analysis.

Machine Learning Strengthens Security Testing

By using machine learning, the testing company can create a third layer of expertise so it can better detect potential threats in real time.

Ratio Between Time and Accuracy

The quality of the report can be measured by the ratio between the time the report is generated and the accuracy of the information. It is easy to generate an analysis that raises red flags for deeper human analysis.

Dealing With False Positives

The false-positive rate is higher when human intelligence is used to classify threats and when the final report is not delivered quickly. Machine learning technologies can deliver both speed and quality.

Scan and Analysis Flexibility

The scan and analysis flexibility will affect both the cost and quality of web app security testing. When software performs the analysis, it reduces the cost and improves the scalability and quality of the analysis.

Link Machine Learning With Human Intelligence

Machine learning combined with human augmentation provides a good mix of scalability, quality and cost. Machine learning can perform robust vulnerability detection where the entire flaw is tested.

Machine Learning Can Help Keep Costs Down

Machine learning can reduce the amount of time humans spend on tasks and processes, thereby reducing overall costs.

Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.
