It goes without saying that Artificial Intelligence (AI) or machine intelligence, is at the forefront of technological discourse and its impact on DevOps and particularly in IT automation cannot be understated. Even though AI has come of age and crossed the threshold of symbolic meaning to achieve practical implementations, in most cases the term reflects nothing more than an abstract notion. For many in the IT industry and cybersecurity domain, embracing AI without clearly understanding what it can and cannot offer is akin to flying blind in the ever-expanding computing skies. AI will have a particularly important role to play in cybersecurity and next-gen data center, however that merits a closer look at its present state first.
AI has a long way to go before surpassing human-level performance in security decision making. Better said, presently we have deep learning tools available that allow for efficient number crunching and anomaly detection based on the trove of data collected from endpoints, applications, networks and the cloud. Scaling the complex level of metadata correlation by merely using human capital is unrealistic; today’s IT teams are overwhelmed by the volume of reported real and potential vulnerabilities. We are not simply looking for anomalies; we are in search of very narrow set of anomalies in the overall data subset that is SecOps-actionable. To achieve that through AI, computers (without being specifically programmed) must look at available data, self-learn and deterministically predict potential future breaches. The problem is that AI today lacks accuracy; machines simply cannot avoid making wrong decisions while reporting false positives and false negatives: false positives can lead to denial of legitimate service and false negatives leave digital assets exposed to attacks.