Threat Model ATT&CK

June 3, 2019 | Mina Hao

1.    Introduction AI/ML is a hot topic in RSA Conference 2019. Current artificial intelligence (AI) can be roughly divided into perceptual intelligence (capabilities of perceiving images, audio, and video) and cognitive intelligence (knowledge-based reasoning and causal analysis). Most algorithms in use nowadays are perceptual.

DDoS Attacks and Mitigation

May 29, 2019 | Mina Hao

Nowadays, the advancement of information technology has brought tremendous convenience to people. Whether it is social networking or ecommerce, the Internet has become an integral and essential part of our lives. As Internet brought new opportunities, it also created new threats. DDoS is one of the most destructive form of threats. In the past decade, […]

Cybersecurity of Clouds over 10,000 Meters

May 27, 2019 | Mina Hao

Topic: Cybersecurity increasingly tends to be driven by IT instead of business. Enterprise security issues are no longer just concerned with the traditional infrastructure architecture, but have escalated to logical security issues of the business process as well as ecological security issues of multi-layered business.

A Look into RSA 2019: Cultural Blending and Capability Building During the Implementation of DevSecOps

May 24, 2019 | Mina Hao

As an increasing mature technical system in the security domain, DevSecOps, in nature, inherits the concept of shifting security to the left during the security development lifecycle (SDL). Simply speaking, DevSecOps is capability integration, continuous learning, and cultural blending. In fact, the concept of “blending” is also reflected by the theme of the DevSecOps Day […]

Machine Learning Algorithms Power Security Threat Reasoning and Analysis

May 21, 2019 | Mina Hao

RSA Conference 2019, an annual infosec event that brings all cybersecurity professionals together, kicked off in San Francisco, USA on March 4, 2019. This year’s Conference took “Better” as its theme, which reflected infosec players’ visions to constantly improve their own capabilities and work out better security solutions.

Practices of China’s Internet Giants in Machine Learning

May 20, 2019 | Mina Hao

At RSA Conference 2019, Tao Zhou, a senior staff algorithm engineer from Alibaba Security, Alibaba Group, as one of only a few Chinese speakers, started his presentation on application of statistical learning to intrusion detection in the context of massive big data with an account of challenges facing Internet giants in security data analysis, and […]


May 14, 2019 | Devika Jain

  Telecom Exchange, one of the largest C-level networking events that provides unparalleled collaboration, education, and one-on-one engagement with the industry’s top decision-makers, is heading to NYC next week. Executives from all around the world will be meeting to discuss the complex network infrastructure ecosystems, technology and what it means for telecom. The event will […]

A Look into RSA 2019: Interpretation of the Application Security Trend — DevOps and API Security

May 14, 2019 | Mina Hao

As cloud computing, big data, Internet of Things (IoT), and mobile Internet evolve, application forms and requirements are going through changes. I believe that the application security trend virtually highlights technologies and design theories: technological innovations continue to focus on API concepts; the design theories of solutions, products, and services continue to move towards DevOps […]

New Words at RSA: Machine Learning Abuse, XAI, Election Security, and CISA

May 13, 2019 | Mina Hao

The RSA Conference is the world’s biggest IT security meetings of the highest quality. Initially as a small cryptography forum set up in 1991, this conference has developed into a meeting at which renowned security experts from all around the world are invited to discuss the future cyberspace development and global security vendors are attracted […]

Using NLP-based Machine Learning to Automate Compliance and Risk Governance

May 10, 2019 | Mina Hao

The Governance, Risk & Compliance track of the RSA Conference 2019 focuses on quantification of cybersecurity risks and related cases. For example, Superforecasting II: Risk Assessment Prognostication in the 21st Century by Rich Howard from Palo Alto Networks dwells upon how to evolve semi-quantitative risk assessment into more accurate quantitative risk assessment; Math is Hard: […]