Using Elastic for ML Ops in Malware Detection


21:00 — 21:25 (UTC)

Using Elastic for ML Ops in Malware Detection

In a world where AI is a popular buzzword, behind the scenes in the Elastic Security Protections group we toil to deploy and monitor our machine learning models for detecting malware, using relatively new technologies under the heading of ‘ML Ops’. Observability is one of the most important pieces of ML Ops. Thankfully, we work at Elastic, where observability is within easy reach, and we’re surrounded by experts who can help us set up our tooling.

In this talk, I’ll explain why observability is especially important for machine learning, and how our use cases are somewhat different from those of other types of software engineering. I’ll describe how we use Elasticsearch and Kibana as part of our daily workflow for Security Data Science, including data storage and retrieval, dashboards, and anomaly detection rules for telemetry alerts. Last but not least, I'll discuss our plans for expanding our usage of the Elastic Stack as part of our mature ML Ops process.

Full session Introductory and overview Observability Security
Samantha Zeitlin
Principal Machine Learning Engineer, Security Data Scientist | Elastic
AI-Optimized Alert Triage for Elastic Security