Unmasking Malicious Scripts With Machine Learning

There are all kinds of powerful features baked into the Windows operating system. One of them is the Antimalware Scan Interface or AMSI. In this episode, hosts Nic Fillingham and Natalia Godyla speak with Ankit Garg and Geoff McDonald of the Microsoft Defender ATP Research Team to learn how AMSI operates, and how they’re utilizing ML to stop attacks. 

Then they speak with Dr. Josh Neil, a Principal Data Science Manager at Microsoft, about his unique path from music to data security, and why his team is sniffing through weak signals to detect attack patterns. 

In This Episode, You Will Learn:  

• How AMSI protects against threats 
• How machine learning makes it easier to catch attacks 
• The way security experts think about attack methodology 
• How computers can think unlike human brains to solve problems 
• The innovations coming to the world of data science 

Some Questions We Ask:  

• What is AMSI?  
• How do you differentiate between the benign and malicious?  
• What’s next for cloud machine learning?  
• How do define AI  
• How does music theory impact your work?  

Resources:

Microsoft Security Blog 

Ankit & Geoff’s blog post

Related:

Listen to: Afternoon Cyber Tea with Ann Johnson

Listen to: Security Unlocked: CISO Series with Bret Arsenault 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.