Yariv Fishman is Chief Product Officer (CPO) at Deep Instinct, he is a seasoned product management executive with greater than 20 years of leadership experience across notable global B2B brands. Fishman has held several outstanding roles, including leadership positions with Microsoft where he led the Cloud App Security product portfolio and initiated the MSSP and security partner program, and Head of Product Management, Cloud Security & IoT Security at CheckPoint. He holds a B.Sc in Information Systems Engineering from Ben Gurion University and an MBA from the Technion, Israel Institute of Technology.
Deep Instinct is a cybersecurity company that applies deep learning to cybersecurity. The corporate implements AI to the duty of stopping and detecting malware.
Are you able to tell us about your journey within the cybersecurity industry and the way it has shaped your approach to product management?
Throughout my 20 12 months profession, I’ve worked at several global B2B organizations, including Check Point Software Technologies and Microsoft, where I led product management and strategy and built my cybersecurity experience across public cloud, endpoint, network, and SaaS application security.
Along the best way, I’ve learned different best practices – from how one can manage a team to how one can inform the correct strategy – which have shaped how I lead at Deep Instinct. Working for varied cybersecurity corporations of assorted sizes has allowed me to get a holistic view of management styles and learn how one can best create processes that support fast-moving teams. I’ve also seen first-hand how one can release products and plan for product-market fit, which is critical to business success.
What drew you to hitch Deep Instinct, and the way has your role evolved because you began as Chief Product Officer?
As an industry veteran, I rarely get enthusiastic about latest technology. I first heard about Deep Instinct while working at Microsoft. As I learned about the chances of predictive prevention technology, I quickly realized that Deep Instinct was the true deal and doing something unique. I joined the corporate to assist productize its deep learning framework, creating market fit and use cases for this first-of-its-kind zero-day data security solution.
Since joining the team three years ago, my role has modified and evolved alongside our business. Initially, I focused on constructing our product management team and relevant processes. Now, we’re heavily focused on strategy and the way we market our zero-day data security capabilities in today’s fast-moving and ever-more-treacherous market.
Deep Instinct uses a singular deep learning framework for its cybersecurity solutions. Are you able to discuss the benefits of deep learning over traditional machine learning in threat prevention?
The term “AI” is broadly used as a panacea to equip organizations within the battle against zero-day threats. Nonetheless, while many cyber vendors claim to bring AI to the fight, machine learning (ML) – a less sophisticated type of AI – stays a core a part of their products. ML is unfit for the duty. ML solutions are trained on limited subsets of accessible data (typically 2-5%), offer only 50-70% accuracy with unknown threats, and introduce false positives. Additionally they require human intervention because they’re trained on smaller data sets, increasing the possibilities of human bias and error.
Not all AI is equal. Deep learning (DL), probably the most advanced type of AI, is the one technology able to stopping and explaining known and unknown zero-day threats. The excellence between ML and DL-based solutions becomes evident when examining their ability to discover and stop known and unknown threats. Unlike ML, DL is built on neural networks, enabling it to self-learn and train on raw data. This autonomy allows DL to discover, detect, and stop complex threats. With its understanding of the basic components of malicious files, DL empowers teams to quickly establish and maintain a sturdy data security posture, thwarting the subsequent threat before it even materializes.
Deep Instinct recently launched DIANNA, the primary generative AI-powered cybersecurity assistant. Are you able to explain the inspiration behind DIANNA and its key functionalities?
Deep Instinct is the one provider in the marketplace that may predict and stop zero-day attacks. Enterprise zero-day vulnerabilities are on the rise. We saw a 64% increase in zero-day attacks in 2023 in comparison with 2022, and we released Deep Instinct’s Artificial Neural Network Assistant (DIANNA) to combat this growing trend. DIANNA is the primary and only generative AI-powered cybersecurity assistant to offer expert-level malware evaluation and explainability for zero-day attacks and unknown threats.
What sets DIANNA aside from other traditional AI tools that leverage LLMs is its ability to offer insights into unknown attacks are malicious. Today, if someone wants to elucidate a zero-day attack, they need to run it through a sandbox, which may take days and, in the long run, won’t provide an elaborate or focused explanation. While precious, this approach only offers retrospective evaluation with limited context. DIANNA doesn’t just analyze the code; it understands the intent, potential actions, and explains what the code is designed to do: why it’s malicious, and the way it’d impact systems. This process allows SOC teams time to deal with alerts and threats that actually matter.
How does DIANNA’s ability to offer expert-level malware evaluation differ from traditional AI tools within the cybersecurity market?
DIANNA is like having a virtual team of malware analysts and incident response experts at your fingertips to offer deep evaluation into known and unknown attacks, explaining the techniques of attackers and the behaviors of malicious files.
Other AI tools can only discover known threats and existing attack vectors. DIANNA goes beyond traditional AI tools, offering organizations an unprecedented level of experience and insight into unknown scripts, documents, and raw binaries to organize for zero-day attacks. Moreover, DIANNA provides enhanced visibility into the decision-making means of Deep Instinct’s prevention models, allowing organizations to fine-tune their security posture for max effectiveness.
What are the first challenges DIANNA addresses in the present cybersecurity landscape, particularly regarding unknown threats?
The issue with zero-day attacks today is the lack of awareness about why an incident was stopped and deemed malicious. Threat analysts must spend significant time determining if it was a malicious attack or a false positive. Unlike other cybersecurity solutions, Deep Instinct was routinely blocking zero-day attacks with our unique DL solution. Nonetheless, customers were asking for detailed explanations to higher understand the character of those attacks. We developed DIANNA to reinforce Deep Instinct’s deep learning capabilities, reduce the strain on overworked SecOps teams, and supply real-time explainability into unknown, sophisticated threats. Our ability to focus the GenAI models on specific artifacts allows us to offer a comprehensive, yet focused, response to deal with the market gap.
DIANNA is a big advancement for the industry and a tangible example of AI’s ability to unravel real-world problems. It leverages solely static evaluation to discover the behavior and intent of assorted file formats, including binaries, scripts, documents, shortcut files, and other threat delivery file types. DIANNA is greater than only a technological advancement; it is a strategic shift towards a more intuitive, efficient, and effective cybersecurity environment.
Are you able to elaborate on how DIANNA translates binary code and scripts into natural language reports and the advantages this brings to security teams?
That process is an element of our secret sauce. At a high level, we are able to detect malware that the deep learning framework tags inside an attack after which feed it as metadata into the LLM model. By extracting metadata without exposing sensitive information, DIANNA provides the zero-day explainability and focused answers that customers are looking for.
With the rise of AI-generated attacks, how do you see AI evolving to counteract these threats more effectively?
As AI-based threats rise, staying ahead of increasingly sophisticated attackers requires moving beyond traditional AI tools and innovating with higher AI, specifically deep learning. Deep Instinct is the primary and only cybersecurity company to make use of deep learning in its data security technology to stop threats before they cause a breach and predict future threats. The Deep Instinct zero-day data security solution can predict and stop known, unknown, and zero-day threats in <20 milliseconds, 750x faster than the fastest ransomware can encrypt – making it a necessary addition to each security stack, providing complete, multi-layered protection against threats across hybrid environments.
