Security Leader: Michael LashliCSO
In 2022, MasterCard launched its security conference initiative to emphasize the importance of safe coding practices. Target software developers were taught to create more safe, flexible software by embedding security within software development lifestyle.
The company’s security champion, a member of the safe software development lifestyle team, and the business security guild, the initiative-a periodic incident-intercractive coding challenges and the hand experiences through hand experiences such as the experiences and live attack simulations and enhance their safe software growth genetic principles.
Additionally, this software development promotes cooperation between the community and security teams, promotes shared responsibility for security, creates technical expertise, and runs cultural changes.
“The biggest advantage is enhancing the culture of security by providing an all-hands-twitors-mature-coding interactive learning experience,” says Swarali kulkarniLead product owner in MasterCard.
Kulkarni noted that the conference includes the executive briefing and industry insight to workshops and competitive tournaments, “many types of topics for everyone to create a well -round and impressive experience.”
A safe code to give a gameified experience is an initiative of initiatives on warrior and cybezen training platforms, requiring average status and minimum time commitments (two days, with three to four hours each day). Platforms support more than 50 programming languages and provide a series of matrix to assess safe coding accuracy, monitor the learning hours, to track the number of coded codes, and track the number of doshas, and more.
Till date, five conferences have been held, each by more than 400 participants of the software development community of MasterCard participated. Each conference is especially sewn to programs within the MasterCard that express interest in participating, Kulkarni says.
Pen medicine modernizes the program to detect the danger.
Organization: Pen medicine
Project: Cyber threat to detect overhaul
Security Leader: Julian MihaiCTO
Pen Medicine had set up a top-off-the-line security information and event management (SIEM) solution almost a decade ago, but the security team recognized a few years ago that the on-rivalry system could no longer match the speed that the attacks now develop.
CTO Julian Mihai says, “Now danger can change from hours, so today it is revealed very quickly.
Mihai and his team implemented a new cloud-based SIM solution in 2024, with an innovative constellation of the Miteer Att & CK model to guide the strategic and strategic direction of the danger to guide the strategic and strategic direction of the program.
Says Mihai, “It was a complete redesign, and whatever inheritance was decorated.”
Jessie WhiteDirector of Cyber Safety Defense, says that this initiative requires changes not only in technology but also in people and processes. Security staff had to be trained to adopt a “danger intelligence first” approach that focused on using new danger intelligence to develop and find out the dangers.
The security team also had to implement the right governance to unnecessarily stop an important system unnecessarily. And they had to ensure that the Egress pipeline could support the volume of data going into the cloud-based Siem solution.
“The biggest challenge was to manage the expense, (A) A) AM SEM solutions is based on the amount of license data that has been ingested. We need to create a data-anxiety layer, which gives us an opportunity to provide data to enter the data lake, as it enhances the overall consumption and manages the project’s run-recipe.
Cloud-country Siem solutions and modern safety works of pen medicine have given effective results. The team now works basically with its managed security service provider to ensure 24/7 coverage – and has been “free to do higher work in the stack,” White says, AI and automation handle regular events and functions.
Seriously, the security team detects the time and time to reduce the time and time, with a penmade reporting improvement of more than 550% for each.
Organization: Tia
Project: Hunt
Security Leader: Shastri DurvasulaChief Operations, Information and Digital Officer
Security leaders in TIA formally formally review and refresh their priorities as part of the company’s 3 -year cyber 2.0 initiative. In 2024, he decided to focus on extending his use of artificial intelligence to combat the fast fuel cyberthrate by AI.
Results: A new ability that is called hyper-automated unified network Threat hunting.
The hunt reduces the risk of undetermined hazards using innovative AI and machine learning models over a maximum detection time of 60 minutes. It is designed on existing commercial equipment with a tilated telemetry collection that consolidates suspicious activity in TIA’s cloud infrastructure.
What is after the Hunt that Sashetri Durvasula, TIA’s main operating, information and digital officer, says “sleeper cells” – the danger that hide in an environment, sends the danger back to the actors and waiting for them to activate an attack.
Durvasula, who takes care of security, explains how difficult it is to find out these dangers and how much manual work needs to be done traditionally to identify them in an enterprise environment. Durvasula and his team saw AI important to reduce that manual work and increase effectiveness and efficiency.
There is no commercial solution that meets the needs of TIAA, Tiaa made her own.
TIAA teams designed tools in 2024, to build AI/ML models and search for training patterns that indicate the dangers. Hunt, which sits on top of existing devices and uses industry equipment, including the miter at & CK framework, informs an analyst when it detects a danger so that the analyst detects a danger so that the analyst can neutralize the danger.
Roll out in early 2025, Hunt now reduces the time and resources required to detect and remove. “It greatly strengthens our cyber asana,” says Durvasula, he said that he and his team plan to add more automation and intelligence, including generative AI, including the target of using agent AI to detect the danger with the goal of using AI and to fully automatically automatically automatically automatically automatically automatically automatically automatically automatically automatically automatically anxplain AI.
Walmart has attached AI to identify branded fishing sites on a scale
Organization: Wal-mart
Project: Fishfes
Security Leader: Jerry GislerEVP and Siso
Identifying true threats from large amounts of signals is a challenge familiar to most security functions. To address this, Walmart’s Cyber Intelligence (CI) team created a fishfase, a proprietary fishing detection machine learning model that has been trained to identify webpages similar to Walmart-branded login pages.
“The volume and flow of brand-durupa utility websites, manually processed by the CI team, has been started,” Jason O’DelVice President of Safety Operations.
The CI team created a model, which will ignore a feed of domains/websites and identify trade-branded websites, which can be further fed under detective control. Once the POC was completed, the CI team transferred PhishFace to the Secops Dev team.
“The primary function of the project was to reduce the amount of signals for the potential hazards, potentially harmful and brand-behavior websites identifying analysts,” explains O’Del, “it supports analysts in identifying websites that are potentially harmful and brand-behavior,” saying that it has given adequate increase in analyzer efficiency and effectiveness. “
He said, “In the past, analysts faced a huge amount of information, which was almost impossible to review on time. The project presented the flow of data in a managerial amounts, allowing a small team of analysts to provide timely reviews efficiently,” he says.
The project reduced the number of about 98.5% items on an average, making analysts redirected its efforts for high-primary strategic activities. It has also gained 98% accuracy, directly analyzer, Gavin Clarke, a group director of safety operations, explains the danger detection, increasing the allocation of productivity and resource allocation.
Fishfase is having an important impact, O’Del says, “To give the organization the ability to recognize malicious sites quickly, on scale, and feed other spy controls for real -time functions. Such a model can analyze web pages rapidly, thousands of webpages can adapt to new fishing pages without continuous manual updates.
