Unleashing Cyber Reasoning: DARPA Transparent Computing Threat Hunting Retrospective

Abstract

In 2015, DARPA launched the Transparent Computing program to further our understanding and push the limits of modern cyber defense mechanisms. IBM Research teamed up with multiple universities to research and develop new methodologies and systems for hunting advanced persistent threats, performing root cause analysis, and validating threat hypotheses. The team achieved a leadership position in multiple DARPA red team evaluations over a period of four years. Dr. Shu, the technical leader for dynamic cyber reasoning, will talk about technical design choices, lessons learned, and valuable insights from the program and what it says about modern threats and future countermeasures.