If you Google “code blue” or “code blue japan”, you’ll more than likely get search results for the 2008 critically acclaimed Japanese medical drama “Code Blue” which had a feature film released last year. And as exciting as hearing updates about Saejima and Fujikawa’s relationship would be, we’re here to talk about CyCraft’s contribution to Code Blue 2019.
Code Blue is the biggest information security conference in Japan — possibly Asia. Since its founding by Kana Shinoda in 2012, Code Blue has been drawing more and more cybersecurity vendors, Security Analysts, CISOs, CEOs, and international speakers from across the globe.
Code Blue exists to connect international industry leaders, promote cooperation, develop threat intelligence, and amplify Asia’s voice in the global conversation of cybersecurity. Highlights from this year include Andrew Futter’s (Associate Professor of International Politics and Director of Research for Politics and International Relations at the University of Leicester, UK) keynote talk about hacking nuclear weapons and Liis Vihol’s (Managing Editor of Tallinn Manual 2.0 and CEO of Cyber Law International) keynote talk on the application of international law in cyberspace.
“…Cyberattacks have become an increasingly important and influential component of conflict around the globe, and this trend seems unlikely to abate any time soon…”
-Andrew Futter in his book, Hacking the Bomb: Cyber Threats and Nuclear Weapons
Benson Wu, P.K. Tsung, Jeremy “Birdman” Chiu (the founders of CyCraft), and Kana Shinoda have known each other for well over a decade making CyCraft the proud Platinum Sponsor of Code Blue 2019.
Both CyCraft’s main Taipei office and Tokyo office attended Code Blue 7 in Shibuya this year, met with Japanese clients, sat in on several networking dinners, and both attended and hosted talks.
CyCraft’s Senior Researcher, C.K. Chen, talked about the design process on the evolution and evaluation of Fuchikoma — a system for semi-automatic threat hunting (and multi-legged combat vehicles equipped with adaptive artificial intelligence from the fictional universe of Ghost in the Shell — no, really). C.K. explained to attendees in detail how each evolution of Fuchikoma, from Fuchikoma v0 to Fuchikoma v3.0, solved and eliminated the four main design challenges: a lack of strong and clear information from isolated single events, imbalanced data sets (normal versus malicious) made supervised machine learning ineffective, generating and retrieving labeled data in a timely manner, and difficulty in reconstructing a story line to aid investigation.
By integrating natural language processing, graphing algorithms, anomaly detection, and community analysis, Fuchikoma v3.0 exceeded expectations when evaluated against APT3/Gothic Panda and Dogeza Metasploit emulations. Stay posted to our blog to learn more about C.K. Chen and team’s design process and the evolution of Fuchikoma in our future case study about machine learning to catch threats.
Developing semi-automated threat hunting systems isn’t CyCraft’s only trick up its sleeve. CyCraft specializes in a full MDR solution for both the network and endpoints. Delivered by our CyCarrier AIR platform, which includes Xensor, CyCarrier, and CyberTotal, our MDR can go from detection through validation all the way to remediation in under 60 minutes. Welcome to the next evolution in cybersecurity.