Cyber-threat detection


  • Help information security teams reduce risk and improve their security posture efficiently and effectively

  • Automate threat detection across large numbers of devices, attack vectors, and data silos


  • Continuous assessment of asset inventory to gain a complete and accurate view of devices, users and applications with access to IT systems

  • Models that can detect and respond to deviations from the norm, even with noisy data

  • Prediction models that will assess where and how a company is most likely to be breached, so planning and resource allocation can be directed toward weak points in the IT system 

  • Explainability of model recommendations and analysis for security operations leaders, CISOS, auditors and Board of Directors

Business Value

  • Get up to date knowledge of global and industry level threats to help prioritize defense systems

  • Prevent cyber threat incidents and respond quicker/better when they do happen, improving OPEX

  • Free up limited cybersecurity teams to focus on complicated cases, while AI takes care of routine tasks

H2O's AI and Data Approaches

  • Classification Models that can identify threatening vs non threatening events and actors

  • Anomaly detection, entry classification, domain generation detection

  • Unsupervised learning for unlabeled data, clustering data based on anomalies

  • Analyze large data sets of events to identify many different types of threats (eg, malware, ransomware, email phishing, malicious code downloads)

  • Train neural networks to tell the difference between malicious and safe files

  • Use images to train classifier neural networks to detect malware in .doc and .pdf files

  • Bias reduction models



