Emily Yale and Anna Bertiger discuss their roles in Microsoft's Security Operations Center and the practical applications of data science in security. They highlight anomaly detection, the importance of mathematical skills, and the use of AI tools. The podcast explores the intersection of technology and security, securing AI models, and the need for data science methods in tech roles.
Data scientists enhance security by building detections for threats in the internal SOC.
Anomaly detection is crucial for securing post-breach scenarios.
Combining math skills with security expertise is key for practical solutions in cybersecurity.
Deep dives
The Evolution into Data Science and Machine Learning
The conversation delves into the concepts of data science and machine learning, exploring the broad field of data science involving data cleaning, feature identification, and its usability for various techniques. Machine learning and artificial intelligence are highlighted as advanced techniques within data science, encompassing statistical testing and other technical elements. The discussion differentiates between basic statistical approaches and more complex models, emphasizing the broad scope that data science covers.
Roles in Security and Application of Data Science
The podcast features a conversation with Emily Yale, a senior data scientist, and Anna Bertiger, a principal applied scientist, discussing their roles and applications of data science in security. Emily talks about supporting the internal SOC with generalized detection ideas, highlighting the importance of gaining insights from analysts for building broader detections. Anna focuses on research in building unsupervised anomaly detection models to secure Microsoft and customers, emphasizing the challenge of labeling malicious behavior in security.
Interpretability and Trust in Machine Learning Models
The discussion shifts to the importance of interpretability and trust in machine learning models within security operations. Emily stresses the need for providing additional context to analysts to understand the decisions made by models, especially when using advanced methods like tree-based models. Anna echoes the sentiment, highlighting how interpretability drives trust, thus ensuring that analysts can investigate and act upon the model's outputs effectively.
Security Expertise and Application of Machine Learning
The episode concludes with reflections on the security industry, emerging trends, and the application of machine learning in cybersecurity. Both guests emphasize the increasing acceptance of machine learning in security, underscoring the need for models to be trustworthy and provide clear reasoning for their decisions. They discuss the evolving landscape of AI security challenges and the crucial role of combining security expertise with data science to enhance security measures.
Career Journeys into Security and Passion for Impactful Work
Emily and Anna share insights into their career transitions into security from backgrounds in mathematics and data science. They express their passion for making an impact in security operations and detection spaces, highlighting the rewarding nature of working in a field where they feel like superheroes making the world a better place. The discussion captures their journey of leveraging their analytical skills to contribute meaningfully to the cybersecurity domain.
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Emily Yale and Anna Bertiger. The discussion delves into Emily and Anna's daily activities within the security domain. Emily highlights her role in supporting Microsoft's internal Security Operations Center by building detections for potential threats. Anna emphasizes the practical application of research in solving security problems and focuses on anomaly detection in post-breach security. Emily and Anna provide insights into Microsoft's work culture, the intersection of technology and security, the importance of mathematical and data science skills in tech roles, and the practical applications of AI tools in professional and personal contexts.
In this episode you’ll learn:
How data scientists support the internal SOC and enhance security
The importance of anomaly detection in post-breach security
Combining security with mathematical skills to create practical solutions
Some questions we ask:
What types of unusual patterns indicate malicious activity?
Is there difficulty in securing AI models compared to traditional code?
Should data science methods be used over complex models?