Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3


December 14, 2020 |

Sophos Shares Open Artificial Intelligence Security Technologies

Seeking to promote collaboration and transparency in the fight against cybercrime, the vendor has made four AI-powered tools developed in its labs freely available to researchers, fellow vendors, and security service providers.

Sophos has made four open artificial intelligence cybersecurity technologies freely available to researchers, fellow vendors, and security service providers.

The move is part of a larger effort to foster collaboration in the fight against cybercrime by sharing tools and techniques that others can use to produce innovations of their own, according to Sophos CTO Joe Levy.

“We think that it sets a good example for the rest of the industry, and we encourage others to do similar sorts of things,” he says. “If we all act this way, it’s going to have the greatest possible benefit for anyone who’s looking to apply this sort of science to cybersecurity.”

It will also, he continues, give cybersecurity research a greater claim to calling itself a science in the first place by enabling bedrock scientific practices like peer review and verification of evidence.

“It’s a tendency of our industry to be a little protectionist, I’m afraid, when it comes to the threat intelligence that we’re producing or the AI that we’re building,” Levy says, noting that the result is claims about the effectiveness of security techniques that can’t be tested or confirmed. 

Publishing internally developed resources, he continues, doesn’t preclude Sophos or other vendors from utilizing them in legally protected ways that confer competitive advantage.

“We differentiate ourselves through the products and the services that we deliver, which can implement these innovations,” Levy says. It’s those products and services, he maintains, rather than the fundamental tools and insights they’re based on, that security vendors should handle as intellectual property.

One of the four resources made available today, called SOREL-20M and developed in partnerships with threat intelligence vendor ReversingLabs, is a collection of 20 million Windows Portable Executable files and 10 million disarmed malware samples that researchers can use to train machine learning-based malware detection models. According to Sophos, it’s the first production scale malware research data set, complete with associated metadata, available to the general public.

“It solves the problem of where do researchers get access to a well curated and well labeled data set that they can use to train models,” Levy says.

An AI-powered impersonation protection method also shared by Sophos today uses transformer technology of the kind recently created by the non-profit OpenAI research lab to combat business email compromise exploits, in which attackers adopt assumed identities to trick people into transferring funds or handing over protected information. BEC scams cost businesses more than $1.7 billion last year, according to the FBI’s 2019 Internet Crime Report.

“This particular class of email attack has been historically quite challenging to identify,” Levy says. “We’ve leveraged this fairly recent advancement within AI based on transformer technologies that allows us to detect this class of attack in a more effective way than any previous attempts in the industry.”

A “digital epidemiology” methodology published today provides a statistical model for determining the likelihood that a given class of malware or malicious behavior will appear within a given population of endpoints. Analysts can use those figures as a benchmark for assessing the effectiveness of their detection methodologies.

The last of the technologies distributed today, called YaraML, is a machine learning tool for automatically generating the signatures used when performing malware scans with the YARA pattern-matching technology. 

“The generation of signatures for purposes of malicious file detection has typically been in the domain of security vendors,” Levy says. “It’s not been easy for a security operations center, for example, to create their own set of signatures.” YaraML closes that gap, he continues, by allowing organizations to automate the process without first standing up a full-scale machine learning production environment.

That all four of the technologies posted today involve artificial intelligence is no accident, according to Levy, who calls AI one of the most powerful weapons currently available for stemming the tide of cybersecurity threats.

“It allows us to operate on volumes of data that humans just have difficulty wrestling with because of the scope and the scale of the data sets themselves,” he says.

Sophos plans to publish more open security resources in the future. “We have a pretty substantial pipeline of these,” Levy says. “There are going to be a lot more publications and disclosures of this sort.”

Editor’s Choice

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

Asigra Makes a Splash with New SaaS App Data Backup Platform

June 3, 2024 |

Asigra’s new SaaSAssure platform offers MSPs comprehensive, secure, and easy-to-use backup solutions for SaaS apps, addressing a critical market need and providing an unparalleled opportunity for revenue.

Peer to Peer: John Kampas on Why EMPIST Thrives — Plus, 1 Mistake Too Many MSPs Make

May 31, 2024 | John Kampas

How prioritizing customer protection and technological empowerment helped EMPIST evolve into a “managed technology provider” with an international presence.

MSPs React to Comprehensive, Aggressively Priced Kaseya 365

May 1, 2024 |

Hear from MSP peers on the launch of the new Kaseya 365 program — designed to provide a crucial package of tech services at an affordable monthly price.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience