1. ESTABLISH WHAT DATA YOU WANT MONITORED
SmithSec will work with you to determine the appropriate data sources in your SIEM or business that you would like to monitor. This can be firewall logs, endpoint logs, or any source of data that you are collecting. We can even assist with setting up new data sources that you want monitored as needed.
2. COLLECT DATA FOR ANALYSIS
SmithSec will collect 3-6 months of your chosen data source(s) for analysis. This data will be used to train the artificial intelligence on what is normal in your environment.
3. TRAIN THE ARTIFICIAL INTELLIGENCE
SmithSec will then train an artificial intelligence model on the collected data. This training can be performed within your own environment or a cloud environment; whatever you prefer!
4. TUNE THE ARTIFICIAL INTELLIGENCE
Once the artificial intelligence model is trained, SmithSec will fine tune it so that it only produces high fidelity results when given new data to evaluate.
5. DEPLOY THE ARTIFICIAL INTELLIGENCE
With a finely tuned working model, SmithSec will then deploy the AI as you see fit. This can be as simple as a Python script that runs on a server to a more advanced deployment of a dedicated inference server that runs within your cloud environment. This can be a custom as you like (e.g. having the model output its findings to a file that can be monitored by your SIEM).
6. MAINTAIN THE ARTIFICIAL INTELLIGENCE
SmithSec can periodically retrain your artificial intelligence model as needed to address changes in your data, making sure that you continue to get high fidelity anomaly findings.