Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs

In the era of digital transformation the increasing vulnerability of infrastructure and applications is often tied to the lack of technical capability and the improved intelligence of the attackers. In this paper, we discuss the complementarity between static security monitoring of rule matching and an application of self-supervised machine-learning to cybersecurity. Moreover, we analyse the context and challenges of supply chain resilience and smart logistics. Furthermore, we put this interplay between the two complementary methods in the context of a self-learning and self-healing approach.