HPE Software is now Micro Focus
HPE Software is now Micro Focus
Protect Your Assets

Application security gets automated: Machine learning boosts financial services

Application security gets automated: Machine learning boosts financial services



As the wide range of technologies that fall under the banner of "Big Data" begin to mature and become ubiquitous, the next stage of development of the analytics stack is machine learning. Beyond its role in making better sense of data, however, machine learning has an increasingly critical role to play in application security, particularly in areas like financial services.

With increased security focus turning toward one of the prime sources for exploitation—commercial and homegrown code—the tooling around application security is getting smarter and bringing the rest of the monitoring stack up to speed through automation.

Protecting financial data

For data-driven organizations, which include almost any Fortune 500 company, maintaining the security of their critical applications is equivalent to locking down some of their most valuable assets. With a wide set of applications spanning departments and even different clusters or infrastructure, this is no small task. According to Tim Grieveson, chief cyber and security strategist for Enterprise Security products, EMEA, Hewlett Packard Enterprise, "We're also seeing the bad guys moving away from the computing endpoint as their target of choice and focusing much more on the applications themselves and the data behind them. The black market for data that can be monetized, from personal information to credit card numbers and more, is enormous." Even at midsize companies, this is a significant challenge. The risks and consequences of a breach compete with the cost of dedicating the right level of personnel to monitor and address potential flaws.

We've seen time and again the very public reaction to big security breaches at major retailers, but imagine if a single security issue occurred for a large bank or, on a smaller scale, a midsize risk management or hedge fund. It's one thing to leak names and addresses, but financial information is another story entirely.

Fortunately, we're now armed with a tool set that's making this security less of a personnel burden. Aided by automation and more robust machine learning algorithms, application-level security has been stepped up in the last few years—especially in recent months.

At its core, machine learning for application-level security in financial services (not to mention a number of other areas with mission-critical security and performance requirements) means leveraging rapid analytics to determine possible threats. Machine learning, coupled with an existing analytics stack, enables this process to be automated. Potential red flags are spotted and passed on for further analysis—something that would have required much more manual intervention and monitoring just five years ago. Although automation enhances security, keep in mind that security starts with people. According to Grieveson, "Strong enterprise security is not just about technology. It's about the right mix of people, processes, and technology. If you're not continuously investing in good people and well-documented processes, no amount of technology will mitigate your risks."

Integration is key

Although all workflows are different, even within the financial services sector, key security automation for applications and monitoring demands remain consistent. The need is to detect threats before they happen, flag and isolate them, and if designated by the end-user group, automatically shut down the application before the situation becomes a much greater threat. This isn't as simple as it sounds—the underlying key is tight integration with the entire workflow and software stack. Often, financial services and other companies have custom-built monitoring solutions that analyze streams of data in near-real time. Some use open source tools like Spark, while others use commercial codes, but without integration and the ability for the integrated system to actually learn from application and threat behavior, much of the promise is left on the table and audits return to being a thorn in the side of security experts. 

Another key to ensuring that any approach to using machine learning for targeted application security is working properly is to go with a solution that integrates with any application, at any time. One of the reasons why application-level security is such a hot topic is because the potential sources of exploitation are application-dependent. While machine learning can be used to differentiate between real threats and system events, with a changing base of internal applications, an automated solution should be able to evolve and adapt to new applications, as they can pose the greatest risk.

A new age of security automation

Without development of the existing Big Data analytics stack over the last several years, this degree of automation would likely not have been possible. Coupled with these innovations in data ingestion, transformation, and analysis are several more recent developments in monitoring and automation. Combined with the power of machine learning algorithms (many of which aren't fundamentally new but have been tailored to suit different needs) it's finally time for true application security, unmanaged and automated, to emerge for companies of all sizes. 

To learn more about security risks to enterprises, read the HPE Cyber Risk Report 2016.


Guest post by Nicole Hemsoth, HPE Guest writer 

About the Author


Absent Member.

Superb artcile. Very well articulated and hit the problem areas on the head. Thanks for the write up. It was great to read and I cound't agree more.