Connect with us

Hi, what are you looking for?


Security Infrastructure

Security Startup SlashNext Taps Cognitive Computing to Detect Attacks

One effect of the improving ability of security defenses to detect malicious files has been the adversaries’ switch from malware to social engineering and fileless attacks. It is an example of ‘human reasoning’, the ability to change tactics to defeat new defenses.

One effect of the improving ability of security defenses to detect malicious files has been the adversaries’ switch from malware to social engineering and fileless attacks. It is an example of ‘human reasoning’, the ability to change tactics to defeat new defenses.

Pleasanton, Calif-based SlashNext  believes that only human reasoning defenses can keep up with human reasoning attackers. It has launched a new product based on cognitive computing rather than supervised machine-learning. Called the Internet Access Protection System (IAPS), it is, says SlashNext CEO and founder Atif Mushtaq, “the industry’s first security solution that uses the power of cognitive computing to detect advanced cyberattacks in the same way that humans do — except without human limits and without human errors.”

Rather than using malware signatures or sandboxes and behavioral analysis to detect malware, IAPS uses its own cognitive computing engine called Progressive Learning to detect attacks. It uses a protocol centric approach that works independent of OS or end-point device, and concentrates on the one single common factor for (almost) all cyberattacks: the internet access point. In this way, it is unconcerned whether it is phishing, or malware or fileless — it aims to detect all attacks.

Doing so requires a new approach. While machine learning proved effective against many new variants of malware, it cannot detect new malware with previously unseen behaviors that do not match its pre-coded algorithms. SlashNext’s new approach is to use cognitive computing — which is designed to use computer processing power in a manner that mimics human intelligence.

The cloud-based Progressive Learning technology is capable of analyzing gigabits of internet-bound traffic in real time to detect indicators of compromise (IOCs). The IOCs are passed to a set of reasoning engines that behave like human researchers to determine whether they are malicious or not malicious. The result is fed back into the system as part of the peer-to-peer learning process that gives the system its self-teaching capability.

Sensors are deployed at all network egress points. They are simply installed and require neither configuration nor tweaking since all the heavy-lifting is done by Progressive Learning in the cloud. IAPS blocks malicious activity in real-time, prevents data exfiltration and stops machines accessing malicious sites. The concept is similar to having a team of expert threat hunters watching all traffic and analyzing it in real time. Just as human experts get more proficient with experience, so does IAPS understand changing adversary tactics as they evolve.

“The last few years have seen an explosion of social engineering attacks that don’t rely on malware or exploits to penetrate defenses. That’s left businesses urgently in need of an innovative new approach to security that goes far beyond the sandbox,” said Gaurav Garg, Founding Partner of Wing Venture Capital. “By harnessing the power of cognitive computing in its IAPS, SlashNext is taking cyber defense to a completely new level.”

Advertisement. Scroll to continue reading.

SlashNext was founded by Asif Mushtaq in 2014. Mushtaq previously spent 9 years as a senior scientist for FireEye, where he was the lead architect of FireEye’s core malware detection system. SlashNext received $9 million in Series A funding in April 2017 from Norwest Venture Partners and Wing Venture Capital. IAPS is available now as a subscription service either direct from SlashNext or via a VAR.

Related: Threat Hunting with Machine Learning, AI, and Cognitive Computing 

Related: IBM’s Watson Aims its Power at Security Operations Centers

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Identity & Access

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).