Mikhail Kazdagli
Mikhail Kazdagli is the Head of AI at Symmetry Systems Inc. Mikhail is responsible for bringing cutting-edge AI/ML research into production to identify potential vulnerabilities, detect malicious actors before they can incur significant damage, and improve security posture. At Symmetry Systems Mikhail leads the development of a threat intelligence platform and it has already been deployed to multiple Symmetry Systems’ clients, including Fortune-500 companies. Mikhail has an extensive background in computer security and machine learning. He holds a Ph.D. degree in Computer Security/ML from the University of Texas at Austin, USA.
Session
Modern software systems rely on mining insights from business-sensitive data stored in public clouds. A data breach usually incurs significant (monetary and reputational) loss for a company. Conceptually, cloud security heavily relies on Identity Access Management (IAM) policies that IT admins need to properly configure and periodically update. Security negligence and human errors often lead to misconfigured IAM policies which may open backdoors for attackers. In this presentation, we present a framework for addressing these challenges. First, we demonstrate a novel visualization tool to uncover issues among IAM policies used by real-world commercial organizations. Second, we develop a novel framework to generate optimal IAM policies using constraint programming (CP). We use the least privilege principle as an optimality criterion, which intuitively implies minimizing unnecessary permissions. Third, to make IAM policies interpretable, we use graph representation learning using historical access patterns of users to encode similarity constraints: similar users should be grouped together within permission groups/roles. Finally, we describe multiple attack models and show that our optimized IAM policies significantly reduce the impact of security attacks using real data from multiple commercial organizations and synthetic instances.