Cybrox Ltd is a leading security company specialising in delivering high-impact cyber security services to its clients, which include hedge funds, financial institutions, and fintech companies, among others.
Cybrox aimed to improve the effectiveness and proactiveness of its fully managed remote security services by developing innovative software solutions. As such, the company sought to design a novel software platform to allow clients to outsource their cyber security needs without losing the assurance of fully managed security monitoring.
In developing this software platform, Cybrox aimed to build a suite of tools that could monitor and analyse system security threats in real time, using advanced machine learning techniques to apply threat intelligence. The application aimed to collect threat intelligence information from multiple sources and filter it so that only accurate and relevant data was retained. The service platform would need to be able to share and document individual knowledge, eliminating key man dependencies, and Cybrox would need the resources and capability to manage and maintain the service platform remotely.
When trying to develop software with the ability to analyse system security risks in real time, Cybrox faced significant challenges associated with developing advanced software code that could:
- translate threat intelligence information for platform use, and
- apply machine learning to filter and import to the system only meaningful intelligence.
With no off-the-shelf solutions available to Cybrox, the software engineers had to develop the algorithms, platform and system database from scratch.
In attempting to translate threat intelligence information for platform use, the software developers specifically faced challenges in extracting, transforming, and loading (ETL) the data from multiple sources. Each source captures and stores data in its own format and, as Cybrox needed the data to be available in a common format, the developers devised an ETL system that could extract the data from all sources in its raw form, rescript it into a common format so that it could be used together, and load it into the system database. Loading the data in a common, usable format allows the developers to integrate the database with other application functions to help prevent or mitigate cyber threats.
Before the translated data is loaded into the system database, Cybrox sought to apply machine learning techniques to filter and import only meaningful intelligence. Machine learning (ML) is based on the idea that systems can learn from data, identify patterns, and make decisions with minimal human intervention. In other words, it means teaching a system to learn from experience, much as a human would. As ML code requires fundamentally different algorithmic designs, the developers developed a bespoke ML algorithm capable of learning from experience to filter for only meaningful intelligence.
As it was not certain at the outset of the project whether the above solutions would be technologically feasible, this project is considered R&D in accordance with the Department of Business, Innovation & Skills (BIS) Guidelines on the Meaning of Research and Development for Tax Purposes.