Case Study

How NuHarbor Security leveraged Hackathon to identify innovative solutions

About NuHarbor Security ​

NuHarbor is an established US national cybersecurity services firm, combining experience from a portfolio of hundreds of clients with the very best security technologies available to deliver comprehensive managed security programs. NuHarbor makes cybersecurity stronger and easier for clients by helping them to better understand threats, technologies, and the best ways to protect themselves. The company grew over 90% in 2022, has tripled its staff since 2021, and was most recently named in Inc. magazine’s annual ‘Best Workplaces’ list.

The Challenge ​

Whether analyzing security telemetry to identify attacks or to disrupt the spread of ransomware, security leaders like NuHarbor must ingest and understand information from disparate vendors and technologies. Successful attacks touch or mislead multiple security controls; meaning that broad visibility, through a common lens, is the only way organizations can expect to recognize and address modern threats.
Fortunately, while the specific format and content of these security messages will vary from vendor to vendor, and device type to device type, the core elements are similar. There is always a target or a source, there is always an activity, there is always identification of date and time, and there is usually appropriate context, description, or links to additional information.
Recognizing the need for a common lexicon and the suitability of cybersecurity telemetry for treatment as a new, but natural, language, led the team to envision a solution that could apply existing techniques for natural language processing (NLP) and detailed analytics, to automatically convert or translate messages into a common dialect. The core of the challenge and the desired innovation was the creation of a model that could simply translate data from a highly heterogeneous mix of sources into a single, encompassing, usable, representation. The Polyglot Project was created, and the purpose defined as the creation of a translator, extracting the common and most important elements of security device telemetry to support a data abstraction layer that would be used to generate platform-agnostic representations of security events. The resulting representation would then need to be applied to the challenges of creating useful alerts and reporting while supporting querying, analytics, and automated response through a common schema.
From the beginning, NuHarbor Security expected that a workable solution would require the development or adaptation of artificial intelligence, and specifically natural language processing. The volume of alerts, vendors, threats, and outcomes, pointed to the speed and consistency of learning systems. For the hackathon, however, no specific methodologies or tooling was mandated. A cybersecurity technology-agnostic design was encouraged, and cybersecurity expertise was not essential to completing the challenge.

The characteristics of the winning solution were:

1

Producing a high degree of accuracy in the creation of the ontology

2

The ability to perform the translation at scale

3

Compliance with expectations around proper licensing and attribution for integrated tools
The skills required to complete the challenge varied based on participant solution choices, but a broad and deep understanding of engineering best practices, experience working with large streaming data sets and data modeling, and a fundamental grasp of Artificial Intelligence/Machine Learning along with the underlying mathematics, created a strong foundation for an ideal solution designer.

How HackerEarth Helped

The HackerEarth team took time with NuHarbor over multiple early meetings to best understand and document the environment, expectations, and outreach for the event. Once the requirements and timeline were clear, HackerEarth managed the development of the hackathon webpage and the ensuing candidate sign-ups, while enabling a consistent communication flow with the contestants. Collaboratively, NuHarbor Security and HackerEarth defined the structure of the Hackathon as a two-phase event, comprising of ideation and development phases.
During the ideation phase, candidates were tasked with internalizing and clarifying the problem statement, sharing their best ideas along the way. This 4-5 week long period served as a filter to identify participants who best understood the problem statement and who had the highest probability of building a successful solution. NuHarbor Security acted as a mentor in the ideation period, answering questions, describing and rephrasing the problem statement in detail for comprehension, and offering suggestions to improve the candidates design. This effort helped to ensure that the participants were guided toward expected results and everyone’s time was used effectively. During ideation, more than 800 teams registered, resulting in 59 idea submissions and 22 projects shortlisted for the development phase.
800+ registrations
59 Idea submissions
22 ideas shortlisted
6 project submissions
During the development phase that followed, contestants were expected to create the entire software application and submit it through the HackerEarth platform. There were no restrictions on system architecture, programming languages, or libraries used to create the translator. The scoring criteria focused on the accuracy of the models, their performance, the quality of the code, and each team’s future recommendations. From the pool of final submissions, one team was selected as the winner of the first prize, and two other teams were rewarded for notable entries. The final solution met all the required criteria, and presented a novel and necessary view of heterogeneous data, even in its early form.

Outcome and Next Steps

The NuHarbor Security team is currently analyzing the components and concepts within the winning approach, expecting to drive further innovation in their existing platform for security information analytics and automated activities. The Polyglot hackathon’s success will make it the first of a family of similar events when this technology leader looks to recruit new ideas and new approaches from the wide HackerEarth community.
“We are working with the most advanced technology and analytics daily in support of our client’s cybersecurity needs,” said Justin Fimlaid, Founder and CEO of NuHarbor Security. “We were looking for a new perspective, and new ideas, to implement our vision of a shared security ontology. HackerEarth helped us to inform, inspire, and engage a community of artificial intelligence leaders who did just that.”