With the rapid growth of cyber threats, malicious actors are increasingly using AI technologies to launch attacks, making threats more complex and harder to combat. Organizations must prioritize enhancing their cybersecurity systems to protect data and user privacy from continuously evolving attacks.
MFEC’s Infosec team recognizes the critical role of AI in addressing these threats and has collaborated with Splunk and banking clients to test the integration of Splunk SIEM with AI/ML capabilities through the Splunk DSDL (Data Science and Deep Learning) application
What’s Splunk DSDL ?
Splunk DSDL is an application from Splunk installed on Splunk SIEM, designed to connect with AI/ML systems set up on containers such as Kubernetes or Docker. The integration between Splunk DSDL and the user’s AI/ML systems enables a variety of functionalities, including data exchange for threat detection based on existing models, sending data to train new AI models, or even refining AI models to enhance performance and suitability for different use cases.
Key Features of Splunk DSDL:
- Over 35 code examples to guide the creation of new models or to test models through the DSDL Framework.
- Pre-built containers, including golden images for both CPU and GPU, with the option to create custom images.
- Integration between Splunk Search Head (a component of Splunk SIEM) and container environments such as Docker, Kubernetes, or OpenShift.
- Fast model development using Jupyter Lab Notebooks.
- Efficient container management to ensure optimal use of models.
To maximize the effectiveness of AI/ML within an organization, it is crucial to have experts in both cybersecurity and AI model development. At MFEC, we offer comprehensive, end-to-end solutions powered by a team of seasoned professionals. From assessing your needs and providing expert consultation to designing, implementing, and maintaining customized solutions, we ensure that your AI/ML initiatives operate seamlessly and effectively
If your organization is looking for CSOC solutions, AI Security, or interested in products and services related to Splunk, please contact us for more information at email: infosec_architect@mfec.co.th
