• Jeffrey Lush

False Positive review is a key element

With tens of thousands of events and controls, a false positive review is an essential part of any cyber technology. Illustrated are several examples of key phrases used to find events within the environment.

In the example, the Windows and VMware event logs each have a single event code identified: 5061 and 28004. The ACATEE AI knows to collect only the event information and not any additional text.

In the several-hundred-page document “Final Analysis-SSP”, ACATEE is used to scan the text for specific key phrases, illustrated in this example at the bottom of the screen. ACATEE collects 5 words before and 5 words after the key phrase (highlighted in green), giving the reader some context as to whether the discovered event (highlighted in red) is relevant or a false positive.
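The 5-words-before, 5-words-after context window described above can be sketched as follows. This is an added example, not ACATEE's code; the function names, the sample SSP text and the key phrase "audit log" are constructed for illustration.

```python
import re

WINDOW = 5  # words of context kept on each side of a key phrase, as in the post

def tokenize(text):
    """Return (word, start, end) tuples; punctuation is dropped from the words."""
    pattern = r"[A-Za-z0-9][A-Za-z0-9'\-]*"
    return [(m.group(0), m.start(), m.end()) for m in re.finditer(pattern, text)]

def find_in_context(text, phrases, window=WINDOW):
    """Find each key phrase (case-insensitive, multi-word allowed) and return
    it with up to `window` words before and after, ordered by position."""
    tokens = tokenize(text)
    words = [t[0].lower() for t in tokens]
    hits = []
    for phrase in phrases:
        target = [w.lower() for w, _, _ in tokenize(phrase)]
        n = len(target)
        if n == 0:
            continue  # an empty phrase would match everywhere
        for i in range(len(words) - n + 1):
            if words[i:i + n] != target:
                continue
            start, end = tokens[i][1], tokens[i + n - 1][2]
            hits.append({
                "phrase": phrase,
                "offset": start,
                # Slices are clamped, so a hit near the start or end of the
                # document simply yields a shorter context list.
                "before": [t[0] for t in tokens[max(0, i - window):i]],
                "match": text[start:end],
                "after": [t[0] for t in tokens[i + n:i + n + window]],
            })
    return sorted(hits, key=lambda h: h["offset"])

# Constructed sample text standing in for a long SSP document.
SAMPLE_SSP = (
    "AU-6: The system owner reviews the audit log weekly and reports findings "
    "to the ISSO. Appendix C lists marketing material that mentions an Audit Log "
    "viewer product."
)

if __name__ == "__main__":
    for h in find_in_context(SAMPLE_SSP, ["audit log"]):
        print(" ".join(h["before"]), f"[{h['match']}]", " ".join(h["after"]))
```

On the sample, the first hit sits in a control statement and the second in a product mention; the surrounding words are what a reviewer uses to mark the second as a false positive.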

Imagine the strength of the ACATEE AI to analyze any document. Perhaps you have 100 documents that you would like to review for PCI or PII data. No problem with ACATEE: create the PII or PCI controls, align the events, and quickly visualize the integrity of the controls developed to protect the environment.
