I don’t know cybersecurity. Do you have actual examples of systems that use non-trivial probabilistic models or algorithms in production? And not only just papers using probability to study or assess the security properties of certain systems
— kurt coolman (@coolman_kurt) November 28, 2019
Windows Defender and also many, many NBA (network behavioral analysis) tools use non-trivial probabilistic models to assess system threats.
An interesting consequence of this is that on two endpoints loaded with all the same versions of everything, some file or process might be marked as a threat and quarantined on one system, while on a functionally identical machine the same file (identical SHA-1 hash) is not. That makes reproducing, triaging, and explaining a detection much harder rather than easier.
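To make the divergence concrete, here is an added toy example (my own code, not Windows Defender's or any vendor's algorithm). It assumes one plausible mechanism the post does not spell out: the detection code and threshold are identical on every host, but part of the model state is a behavioral baseline learned from that host's own history. The hosts, their histories, the "updater" binary, the feature (outbound connections per minute), and the z-score threshold are all constructed for illustration.

```python
"""Why a probabilistic detector can quarantine a file on one endpoint and not another.

Added illustration, not any real product's logic: the scoring code and the
threshold are the same everywhere, but the baseline each host learned from its
own past activity differs, so a byte-identical binary gets different verdicts.
"""
import hashlib
import statistics
from dataclasses import dataclass

Z_THRESHOLD = 3.0   # hypothetical: flag when behavior is > 3 std devs above the host baseline
STD_FLOOR = 0.25    # hypothetical: avoid dividing by ~0 on very quiet hosts


@dataclass(frozen=True)
class Host:
    name: str
    history: tuple  # constructed: outbound connections/min seen for past processes on this host

    def baseline(self):
        """Per-host learned state: mean and std dev of the feature on this host."""
        mean = statistics.fmean(self.history)
        std = max(statistics.pstdev(self.history), STD_FLOOR)
        return mean, std


@dataclass(frozen=True)
class ProcessEvent:
    image: bytes          # the executable; the same bytes on every host
    conns_per_min: float  # behavior observed for this particular run


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def score(host: Host, event: ProcessEvent) -> dict:
    """Identical code and threshold on every host; only host.baseline() differs."""
    mean, std = host.baseline()
    z = (event.conns_per_min - mean) / std
    action = "quarantine" if z > Z_THRESHOLD else "allow"
    return {"host": host.name, "sha1": sha1_hex(event.image), "z": round(z, 2), "action": action}


# Constructed sample: two hosts with the same software and the same detector,
# differing only in what their local baselines have observed.
WORKSTATION = Host("dev-workstation", history=(8, 15, 10, 20, 12, 9))  # chatty: build tools, package managers
KIOSK = Host("lobby-kiosk", history=(1, 2, 1, 1, 2, 1))                # quiet: one app, little network use

# Constructed stand-in for a binary; byte-identical on both hosts.
UPDATER = ProcessEvent(image=b"MZ...constructed-updater-binary...", conns_per_min=12.0)


def compare(hosts, event):
    """Triage check: confirm the artifact really is identical before blaming the detector."""
    results = [score(h, event) for h in hosts]
    same_file = len({r["sha1"] for r in results}) == 1
    return same_file, results


if __name__ == "__main__":
    same, results = compare([WORKSTATION, KIOSK], UPDATER)
    print("identical SHA-1 on all hosts:", same)
    for r in results:
        print(f"{r['host']:16} z={r['z']:6} -> {r['action']}")
```

Running it, the workstation sees 12 connections/min as ordinary (z near 0, allowed) while the kiosk sees the same binary doing the same thing as far outside its baseline (z above 20, quarantined). The `compare()` helper is the check a responder wants first: if the hashes differ, you have a different file; if they match, as here, the explanation has to be sought in the per-host model state or telemetry, not in the binary.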