Operationalizing machine learning based security detections is extremely challenging,
especially in a continuously evolving cloud environment. Conventional anomaly detection
does not produce satisfactory results for analysts that are investigating security incidents in
the cloud. Model evaluation alone presents its own set of problems due to a lack of
benchmark datasets. When deploying these detections, we must deal with model
compliance, localization, and data silo issues, among many others. We pose the problem of" …

Operationalizing machine learning based security detections is extremely challenging,
especially in a continuously evolving cloud environment. Conventional anomaly detection
does not produce satisfactory results for analysts that are investigating security incidents in
the cloud. Model evaluation alone presents its own set of problems due to a lack of
benchmark datasets. When deploying these detections, we must deal with model
compliance, localization, and data silo issues, among many others. We pose the problem of" …