Give Splunk (And Your Security Team) A Helping Hand With Threat Intelligence

Performance is often one of the biggest gripes I hear from Splunk users. Even after spending time carefully architecting a distributed search environment, running it on top-of-the-range hardware, and carefully assigning user permissions, Splunk searches can still often run painfully slowly.

This scenario is particularly true of security use-cases where disparate data sources are compared to identify malicious patterns of activity. Whilst these searches are invaluable, many organisations have to heavily restrain the number of these searches their SOC or threat intel teams can run.

And that’s a big problem, not least because it’s very likely you’ll miss critical security incidents as a result.

Here at Anomali we love Splunk. We not only develop a number of integrations for it, but also leverage it heavily to monitor our own applications and network. We too, however, face the same performance challenges as described above.

As part of our internal security posture, our security operations team analyse the large volume of data our network generates against the millions of indicators of compromise (IOC) curated in our ThreatStream product. It is a powerful way to identify threats immediately.

For a long time, we used our Commercial Splunk App to do this with great success. However, another key use-case for our sec-ops team involved identifying if threats had been seen historically. That is, if the team saw an IOC match our network data, they would then want to look historically to see if the same indicator had been seen before, perhaps days or months previously.

This was important as it would help build up a picture of the behaviour of any potential threat. In doing so, not only could a threat be stopped but it also allows for forensic analysis of what the threat could of potentially compromised.

With terabytes of data spanning years and millions of IOCs, this type forensic search was simply not possible in Splunk. A search like this would bring the best search node down very quickly.

Our pursuit of a workaround eventually led us to build Anomali Enterprise (AE), a product designed from the ground up to compare years of network data against millions of IOCs without breaking a sweat.

You can feed Anomali Enterprise from a wide variety of sources; from raw network events through to data stored in existing SIEM deployments, including Splunk. After AE has done the hard-work of identifying matches in real-time, you can either view the results in the native workflow or reingest the match data back into Splunk and your familiar workflows.

We’re here all week at Splunk .conf 2017 (stand G1) and will be ready to discuss how you can super-charge your Splunk security related use-cases using threat intelligence.


Source: Honeypot Tech

Security's #1 Problem: Economic Incentives

The industry rewards cutting corners rather than making software safe. Case in point: the Equifax breach.
Source: Vulnerabilitys & Threats

Addressing Threat Blindness

In just four years since launching Anomali we’ve seen Threat Intelligence become a standard element of enterprise security programs. Last week we published a Ponemon Institute report on “The Value of Threat Intelligence” (our 2nd year sponsoring this research) – in it we found:

80%

of enterprises now leverage threat intelligence in their security programs

84%

indicated threat intelligence is “essential to a strong security posture”

Despite this rapid adoption we still see organizations struggling to take full advantage of threat intelligence. Fully 68% of Ponemon respondents said threat intelligence is too voluminous and complex. This speaks to the real promise of threat intelligence – what matters isn’t the list of threats itself, but which of those threats are active in my environment. This requires finding the cross section between my threat feeds and my network activity.

New Versus Old Threats

Most organizations subscribe to numerous threat feeds, whether from open source, premium/3rd party, ISACs, government sharing, etc. Security teams will typically collect and accumulate millions of IOCs (indicators of compromise) from their various threat sources. Every day new threats are added to the list. As it turns out, we need to handle newly discovered threats differently than previously known threats. Here’s why:

Previously known threats: All previously known threats need to be monitored daily to make sure we haven’t become a target. It’s like routine health checks – we need to verify that nothing bad happened today from any of these threats.

Newly discovered threats: Newly discovered threats discovered threats are a different beast altogether. These threats became known today, but they didn’t become bad today. They may have been active for weeks, months or years. Attackers do their best to stay under the radar. When new threats are discovered it’s not enough to be on the lookout for them going forward. Perhaps more importantly, we need to go back in time to see we’ve already been targeted by these actors.

Organizations Flying Blind

The challenge for security teams is how to realistically monitor for known threats and assess exposure to new threats on a daily basis.

Consider the previously known threats. Sounds easy enough to simply alert against any matches against my threat list. Here’s the issue – if you’re a moderate sized enterprise you’re likely generating 1 billion or more log events per day. If you’ve got a (relatively small) threat list of, say, 1 million indicators then you need to compare 1 billion events against 1 million threats. That’s 1,000 TRILLION comparisons per day!

Now consider newly discovered threats. Here you might get 10, 100, 1000 new threats on a given day. The challenge here isn’t the daily monitoring – it’s going back to assess prior exposure. Given how long attacks often take (200 days or more), it’s important to be able to back at least 1 year to get a clear picture of possible prior exposure. Let’s do the math: 1 billion events/day, 365 days, 100 new threats/day = 36.5 trillion comparisons.

The Ponemon survey asked respondents how much historical data they maintain online (e.g., in a SIEM). 72% keep 3 months or less. Plus, running a query over that amount of data would take hours or even days. The end result is organizations are pretty much flying blind with respect to the vast majority of these known threats. Our solution for this is Real Time Forensics.

Real Time Forensics

Anomali innovated the concept of Real Time Forensics (RTF) to address this fundamental threat visibility issue. RTF is the core technology that powers Anomali Enterprise. RTF is an extraordinarily powerful engine that can perform searches over massive amounts of data instantly. In just a few seconds RTF can literally:

  • Identify all matches for millions of IOCs across billions of events
  • Search years of historical data and return all matches

RTF does this WITHOUT duplicating log storage. It integrates with existing log repositories/sources such as SIEMs, syslog, Netflow/sFlow and AWS S3.

We developed RTF with three key objectives in mind:

Visibility Visibility: providing complete visibility into all threats, all network activity, for all time
Clarity Clarity: integrating threat context from ThreatStream to provide a complete picture of the threat and how to respond
Automation Automation: automatically evaluating new and existing threats; alerting security teams to real, active threats in their networks

These objectives aren’t new, but RTF’s capabilities give them a whole new meaning. The second an organization gets a hold of indicators from the latest network breach they can identify whether or not they were affected. Unmanageable data sets are no longer an obstacle to full threat visibility.

As it turns out, the future of security isn’t the ability to look forward, but the ability to look back.


Source: Honeypot Tech

SecureAuth to Merge with Core Security

K1 Investment Management, which owns Core Security, plans to acquire the identity management and authentication company for more than $200 million.
Source: Vulnerabilitys & Threats

How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground

By Vitali Kremez, Flashpoint and Travis Farral, Anomali

It’s no secret that the Deep & Dark Web (DDW) is home to illicit marketplaces and forums, as well as an array of cybercriminal communications. Less obvious, however, are the nuances of these communications, the unspoken code of conduct that exists in cybercriminal communities, and the “ethical” dilemma that certain types of attacks can cause.

For example, let’s discuss ransomware.

While monitoring DDW communities in Eastern Europe from early 2014 to early 2016, Flashpoint researchers discovered the forewarnings of a shift in attitude toward ransomware.

Prior to 2016, administrators of the Russian underground stated that ransomware should not be practiced for two reasons:

  • It was a waste of botnet installs and exploit kits;
  • ​It was “intellectual death” and therefore a low-end maneuver.

These administrators firmly believed that ransomware attracts too much attention, may impede other types of cybercrime, could be too-easily turned toward Russian targets, and an increase in its use may cause the Russian government to take a harsher stance towards DDW communities.

It’s very important to note that underground administrators are incredibly powerful in the DDW. Regardless of whether administrators are revered or reviled, the community respects their decisions. Those who don’t comply with such decisions risk being exiled from the forums or even doxed.

The Ethical Dilemma

Indeed, on Feb. 5, 2016, an ethical dilemma arose following a ransomware incident at Hollywood Presbyterian Medical Center. The small hospital was demanded to pay 40 bitcoin (roughly $17,000 at the time) or risk a shutdown of its lifesaving equipment. While healthcare companies had been hit with cyberattacks before, the attacks had never before gone as far as to threaten human life. While Hollywood Presbyterian’s management claimed that the hospital’s infrastructure was never truly at risk, they chose to avert the perceived risk and pay the ransom.

Although the unspoken code of conduct amongst Eastern European cybercriminals strictly prohibits any malicious activity directed against citizens of the Commonwealth of Independent States (CIS), the targeting and exploitation of Westerners — in particular United States citizens – is highly encouraged. Nevertheless, news of the attack against Hollywood Presbyterian was coldly received by Eastern European cybercriminals, many of whom regarded the incident as reckless and unacceptable. While some in the community supported the attack, the majority condemned the unknown assailants, which created an ethical divide in the underground.

One highly reputable member of a Russian top-tier cybercrime forum expressed his frustration with ransomware, writing “from the bottom of my heart, I sincerely wish that the mothers of all ransomware distributors end up in the hospital, and that the computer responsible for the resuscitation machine gets infected with [the ransomware]…”

In response, a prominent ransomware operator countered that view: “[the attackers] scored. It means everything was done properly.” Rather than adhering to the ethical code imposed by administrators, he proposed that targeting places that were guaranteed to pay was not wrong because, at the end of the day, cybercrime is always about making money.

In the following months ransomware increased a staggering 6000%, earning 2016 the title of “The Year of Ransomware”. Of the businesses affected, 70% chose to pay the ransom, making it one of cybercrime’s most profitable ventures.

The WannaCry Shift

Ever since the May 12, 2017 start of the global “WannaCry” (also known as “WanaCry,” “W-cry,” and “Wcry”) ransomware worm attack that largely affected healthcare organizations affiliated with the UK’s National Health Service (NHS), criminals debated the ethics behind the attack. Consequently, Russian-speaking cybercriminals revisited the topic of ransomware and its place within the criminal underground. Previously, ransomware presented cybercriminals with the aforementioned ethical dilemma, as it prevented hospital professionals from providing care. However, Flashpoint’s May 2017 review of cybercriminal discussions on ransomware indicated that many threat actors in the Russian-language underground are moving past their ethical concerns and now view banning ransomware as predominantly a business issue.

One threat actor who suggested banning ransomware cited the following reasons:

  • “It attracts attention to malware and causes companies to introduce measures to increase their security.
  • It increases general awareness of topics related to information security.
  • It kills malware tools predicated on loaders, js (javascript execution), doc macro (payloads) etc., as these get blocked everywhere.
  • It’s a business which is built not on intelligence and mental dexterity, but on brute-force and luck.”

The actor went on to say that by “allowing ransomware operators on the forum, we are digging our own grave. Of course, banning this work on the forum doesn’t stop this type of business, but as a minimum we can use community disapproval to make it more difficult to enter into it.”

The post generated multiple unique responses, almost half (48.5%) of which expressed support for the ban.

Threat actors in favor of the ban echoed concerns that Russian underground administrators shared in 2016: ransomware attracts too much attention, may impede other types of cybercrime, could be too-easily turned toward Russia, and may incentivize the government to act more harshly toward underground communities.

Some threat actors, however, suggested that the use of ransomware is still a personal decision — as long as Russia is protected:

“There is only one rule – don’t target Russia. All other cases depend on one’s degree of perversion. Some people take grandma’s last 10k, some encrypt a corporate company and ransom [their files] for 2k, some brute-force WordPress control panels, upload shells and then send spam or host their own malware, some install skimmers.

Everyone has their own thing.”

This one example speaks volumes about how the ethics of cybercrime are constantly evolving, often in unanticipated ways. The culture of underground communities, the power of their administrators, and the ethical dilemmas and other criminal disagreements they face cannot be determined by looking at technical indicators of compromise (IOCs) alone. Applying tradecraft, language, vernacular and culture savvy to actively listening in to a group are what truly provide the best perspective for defenders to consider as they work to mitigate their organization’s risk. It’s also important to look at these threat actors as individuals — not just as shadowy villains. After all, these problems stem from threat actors, are developed by threat actors, and ultimately can be ended by threat actors.

For now, we know that ransomware is no longer off limits and that cybercriminals are being less selective in their targets.

The cybercriminal ecosystem has been historically and traditionally driven by the value of data on the cyber black markets. Recently, successful attacks have illustrated both a shift in cybercriminals’ business models and a nascent understanding in the cybercriminal community of another way to assign value to data: by assessing the value it presents to its owner.

Protecting Businesses

Organizations seeking to mitigate risks posed by threat actors operating on the DDW must first recognize that these actors are human beings and not faceless, shadowy villains. Defenders should continually establish and/or further develop profiles of relevant threat actors, such as those who have previously attacked, targeted, and/or are seen as a threat to that organization. These profiles shouldn’t simply consist of IOCs; they should also provide insights into the human being represented by the profile. What are their preferences? What types of behaviors do they exhibit?

The combination of monitoring activity in the DDW and closely-monitoring observed attacker behaviors inside the organizational environment yields a much deeper perspective on the actors threatening the organization. This dramatically improves situational awareness and provides needed perspective when developing effective mitigation strategies for defense.

Operationally, processes for collecting and storing this information should be implemented to enhance visibility and limit repetitive, low-value tasks from taking time away from analysts. The following suggestions can help operationalize the necessary components of this collection and processing:

  • Ensure that incident response processes collect needed details for threat intelligence collection
  • Ensure there are mechanisms in place to store collected incident response details along with other observables from the environment such that they can be appropriately processed and searched by analysts
  • DDW collection from a professional, trusted provider with data and analysis made available to internal analysts
  • Provide needed context via automated means where possible (WHOIS data, passive DNS, connection to other observables and historical data, etc.)
  • Ensure that analysts can add their own analysis and notes not only to individual IOCs but also provide the ability to curate and store finished reporting along with associated connections to IOCs and related analysis

Conclusion

Visibility into criminal forums on the DDW is a huge asset for defenders, allowing them to understand the ethics and nuances of the mindsets of cybercriminals. Coupling this information with threat intelligence collections inside an organization helps defensive teams develop deep perspectives and create a “rudder” to guide effective mitigation strategies against current threats. The value this creates is significant for organizations that make investments in these areas versus operating largely in the dark regarding the origins of the attacks seen in the environment every day. As the mindsets and capabilities of cybercriminals change and adapt, so should defenders in how they approach their defensive posture.

This blog post has also been published on Flashpoint’s blog, here.

Flashpoint

Want more information?

Learn more with Flashpoint’s paper “An Analysis of Cybercriminal Communication Strategies“.

Download the report.


Source: Honeypot Tech

Laser Cookies: a YouTube collaboration

Lasers! Cookies! Raspberry Pi! We’re buzzing with excitement about sharing our latest YouTube video with you, which comes directly from the kitchen of maker Estefannie Explains It All!

Laser-guarded cookies feat. Estefannie Explains It All

Uploaded by Raspberry Pi on 2017-09-18.

Estefannie Explains It All + Raspberry Pi

When Estefannie visited Pi Towers earlier this year, we introduced her to the Raspberry Pi Digital Curriculum and the free resources on our website. We’d already chatted to her via email about the idea of creating a collab video for the Raspberry Pi channel. Once she’d met members of the Raspberry Pi Foundation team and listened to them wax lyrical about the work we do here, she was even more keen to collaborate with us.

Estefannie on Twitter

Ahhhh!!! I still can’t believe I got to hang out and make stuff at the @Raspberry_Pi towers!! Thank you thank you!!

Estefannie returned to the US filled with inspiration for a video for our channel, and we’re so pleased with how awesome her final result is. The video is a super addition to our Raspberry Pi YouTube channel, it shows what our resources can help you achieve, and it’s great fun. You might also have noticed that the project fits in perfectly with this season’s Pioneers challenge. A win all around!

So yeah, we’re really chuffed about this video, and we hope you all like it too!

Estefannie’s Laser Cookies guide

For those of you wanting to try your hand at building your own Cookie Jar Laser Surveillance Security System, Estefannie has provided a complete guide to talk you through it. Here she goes:

First off, you’ll need:

  • 10 lasers
  • 10 photoresistors
  • 10 capacitors
  • 1 Raspberry Pi Zero W
  • 1 buzzer
  • 1 Raspberry Pi Camera Module
  • 12 ft PVC pipes + 4 corners
  • 1 acrylic panel
  • 1 battery pack
  • 8 zip ties
  • tons of cookies

I used the Raspberry Pi Foundation’s Laser trip wire and the Tweeting Babbage resources to get one laser working and to set up the camera and Twitter API. This took me less than an hour, and it was easy, breezy, beautiful, Raspberry Pi.


I soldered ten lasers in parallel and connected ten photoresistors to their own GPIO pins. I didn’t wire them up in series because of sensitivity reasons and to make debugging easier.

Building the frame took a few tries: I actually started with a wood frame, then tried a clear case, and finally realized the best and cleaner solution would be pipes. All the wires go inside the pipes and come out in a small window on the top to wire up to the Zero W.



Using pipes also made the build cheaper, since they were about $3 for 12 ft. Wiring inside the pipes was tricky, and to finish the circuit, I soldered some of the wires after they were already in the pipes.

I tried glueing the lasers to the frame, but the lasers melted the glue and became decalibrated. Next I tried tape, and then I found picture mounting putty. The putty worked perfectly — it was easy to mold a putty base for the lasers and to calibrate and re-calibrate them if needed. Moreover, the lasers stayed in place no matter how hot they got.

Estefannie Explains It All Raspberry Pi Cookie Jar

Although the lasers were not very strong, I still strained my eyes after long hours of calibrating — hence the sunglasses! Working indoors with lasers, sunglasses, and code was weird. But now I can say I’ve done that…in my kitchen.

Using all the knowledge I have shared, this project should take a couple of hours. The code you need lives on my GitHub!

Estefannie Explains It All Raspberry Pi Cookie Jar

“The cookie recipe is my grandma’s, and I am not allowed to share it.”

Estefannie on YouTube

Estefannie made this video for us as a gift, and we’re so grateful for the time and effort she put into it! If you enjoyed it and would like to also show your gratitude, subscribe to her channel on YouTube and follow her on Instagram and Twitter. And if you make something similar, or build anything with our free resources, make sure to share it with us in the comments below or via our social media channels.

The post Laser Cookies: a YouTube collaboration appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

Now Available: TDR 5.1 with APT Blocker Built-in

We’re thrilled to announce the general availability of Threat Detection and Response (TDR) 5.1, which includes some great new features that enhance both detection and response to threats as well as the overall user experience when testing new features. This release further increases the value of both TDR and the Total Security Suite, enabling users to more broadly identify threats across their network and respond to them in real-time.

This release of TDR includes two new key features:

  • APT Blocker
    With this release TDR can now directly triage suspicious files discovered by a Host Sensor by sending them to APT Blocker for further analysis. The submitted files undergo deep analysis for APT activity in a sandbox environment at a Lastline cloud-based data center. If evidence of malware activity is discovered, TDR can adjust the original suspicious threat score assigned to the file to prevent future infection. With sandbox policy enabled, this process and subsequent response can be automated, making threat triage incredibly easy and effortless.
  • Localization
    The TDR user interface is now available in French, Japanese, and Spanish. TDR automatically displays the localized user interface if your browser language is set to one of these languages.

To learn more, visit Threat Detection and Response.


Source: WatchGuard

Facial Detection and AI Helping Customize Retail Experiences

When shopping online, today’s customers want all the personalization of an in-store experience. And when they walk into a brick-and-mortar store, they want continuity from this online experience, based on the choices they made across all other touchpoints.

Savvy retailers have met these expectations by pulling in incredible amounts of data for highly personalized cross-channel offerings. Online, they’re performing advanced real-time analytics on customer behavior to deliver digital experiences tailored around customers’ interests and needs. In store, they’re using cutting-edge software to understand who’s looking at displays, and to engage, entice, interact and motivate action.

This level of personalization uses artificial intelligence (AI) for facial analytics. It is an essential tool for any retailer who aims to keep up with the changing expectations of digital consumers and find more effective ways to generate revenue. Here’s how the power of AI and facial detection enable a deeper understanding of customers and provide more personalized experiences.

Two humans look at a tablet.

What visual experiences do

The goal of in-store personalization is to deliver experiences that are as individually tailored as those online. While this might sound like a tall order, the truth is that the latest digital displays can collect analytics and deliver content just as precise as those of any web platform.

Only 13 percent of in-store eye fixations are on signage, and the average shopper looks at signage for only three-tenths of a second. Less than half of those people can remember what they saw on the signs. In short, it’s not what you look at, but what you see, that’s really crucial — and a very effective way to ensure that shoppers see a display is to provide them with targeted content.

It all starts with deep insights about consumers. These can come from digital touchpoints, from in-store analytics or, ideally, from a combination of data from all channels. Taken together this data can reveal trends and deeper customer insights — for example, 50 percent more shoppers engage with alcohol brands on Tuesdays rather than on Thursdays, and they’re two times more likely to browse frozen foods on a Wednesday afternoon. This leads to a better understanding of the customer, greater data personalization, insight and a better overall customer experience.

When you connect online and offline data to arrive at these kinds of insights, you’ll deliver more personalized experiences and establish loyalty for your brand. The next step is to leverage AI to reach the shopper.

AI in retail experience

The latest data shows that interactive digital signage gets more than twice the engagement rate of top social networks. It also gets a dwell time that’s 24 percent higher than Google benchmark data for online rich media. But not all interactive signage gets these impressive results. To really activate the power of this channel, you’ve got to use it to learn about customers — then deliver personalized, customized content that connects with them at the right time.

Many retailers are scrambling to increase personalized experiences and are calling on companies with proven results that offer groundbreaking retail technology, specializing in driving brand and consumer engagement. One of the most powerful tools for in-store personalization is facial facial detection . This technology can play visually interesting content for individual customers, based on past purchases. But that’s only the beginning.

Digital and interactive displays go far beyond facial detection — they can detect returning customers’ emotions, demographic information, shopping time, location and more. These cognitive analytics enable the display to engage in a real-time feedback loop with the customer, refining its messaging in response to the shopper’s reactions, in order to reach the right consumers with even more precise messaging in the future.

The results speak for themselves. Using a combination of facial detection, emotion detection and advertising refinement raised the average dwell time per display to an almost-unheard-of 32 seconds. Impressions and engagements also went through the roof, as more shoppers interacted with personalized displays and were far more likely to purchase following those interactions.

Some brands are beginning to go a step even further by adding object detection to their personalization strategy. This can yield even better results, and serve targeted behavior-driven messages to individual customers. All touchpoints in all stores can deliver a single, consistent experience that spans every digital touchpoint and brick-and-mortar location.

This is the level of consistency and personalization demanded by today’s shoppers. Aside from the increase in engagement and revenue, the real value is the ability to build emotional connections with your customers. This personalization is an absolute necessity in the future of retail to keep customers coming back, time and time again.

Visit intel.com/retail to learn more about how Intel technology is shaping the future of responsive retail. To stay informed about Intel IoT developments, subscribe to our RSS feed for email notifications of blog updates, or visit intel.com/IoTLinkedInFacebook and Twitter.

The post Facial Detection and AI Helping Customize Retail Experiences appeared first on IoT@Intel.


Source: Network News

Facial Recognition and AI Helping Customize Retail Experiences

When shopping online, today’s customers want all the personalization of an in-store experience. And when they walk into a brick-and-mortar store, they want continuity from this online experience, based on the choices they made across all other touchpoints.

Savvy retailers have met these expectations by pulling in incredible amounts of data for highly personalized cross-channel offerings. Online, they’re performing advanced real-time analytics on customer behavior to deliver digital experiences tailored around customers’ interests and needs. In store, they’re using cutting-edge software to understand who’s looking at displays, and to engage, entice, interact and motivate action.

This level of personalization uses artificial intelligence (AI) for facial analytics. It is an essential tool for any retailer who aims to keep up with the changing expectations of digital consumers and find more effective ways to generate revenue. Here’s how the power of AI and facial recognition enable a deeper understanding of customers and provide more personalized experiences.

Two humans look at a tablet.

What visual experiences do

The goal of in-store personalization is to deliver experiences that are as individually tailored as those online. While this might sound like a tall order, the truth is that the latest digital displays can collect analytics and deliver content just as precise as those of any web platform.

Only 13 percent of in-store eye fixations are on signage, and the average shopper looks at signage for only three-tenths of a second. Less than half of those people can remember what they saw on the signs. In short, it’s not what you look at, but what you see, that’s really crucial — and a very effective way to ensure that shoppers see a display is to provide them with targeted content.

It all starts with deep insights about consumers. These can come from digital touchpoints, from in-store analytics or, ideally, from a combination of data from all channels. Taken together this data can reveal trends and deeper customer insights — for example, 50 percent more shoppers engage with alcohol brands on Tuesdays rather than on Thursdays, and they’re two times more likely to browse frozen foods on a Wednesday afternoon. This leads to a better understanding of the customer, greater data personalization, insight and a better overall customer experience.

When you connect online and offline data to arrive at these kinds of insights, you’ll deliver more personalized experiences and establish loyalty for your brand. The next step is to leverage AI to reach the shopper.

AI in retail experience

The latest data shows that interactive digital signage gets more than twice the engagement rate of top social networks. It also gets a dwell time that’s 24 percent higher than Google benchmark data for online rich media. But not all interactive signage gets these impressive results. To really activate the power of this channel, you’ve got to use it to learn about customers — then deliver personalized, customized content that connects with them at the right time.

Many retailers are scrambling to increase personalized experiences and are calling on companies with proven results that offer groundbreaking retail technology, specializing in driving brand and consumer engagement. One of the most powerful tools for in-store personalization is facial facial detection . This technology can play visually interesting content for individual customers, based on past purchases. But that’s only the beginning.

Digital and interactive displays go far beyond facial detection — they can recognize returning customers’ emotions, demographic information, shopping time, location and more. These cognitive analytics enable the display to engage in a real-time feedback loop with the customer, refining its messaging in response to the shopper’s reactions, in order to reach the right consumers with even more precise messaging in the future.

The results speak for themselves. Using a combination of facial recognition, emotion detection and advertising refinement raised the average dwell time per display to an almost-unheard-of 32 seconds. Impressions and engagements also went through the roof, as more shoppers interacted with personalized displays and were far more likely to purchase following those interactions.

Some brands are beginning to go a step even further by adding object detection to their personalization strategy. This can yield even better results, and serve targeted behavior-driven messages to individual customers. All touchpoints in all stores can deliver a single, consistent experience that spans every digital touchpoint and brick-and-mortar location.

This is the level of consistency and personalization demanded by today’s shoppers. Aside from the increase in engagement and revenue, the real value is the ability to build emotional connections with your customers. This personalization is an absolute necessity in the future of retail to keep customers coming back, time and time again.

Visit intel.com/retail to learn more about how Intel technology is shaping the future of responsive retail. To stay informed about Intel IoT developments, subscribe to our RSS feed for email notifications of blog updates, or visit intel.com/IoTLinkedInFacebook and Twitter.

The post Facial Recognition and AI Helping Customize Retail Experiences appeared first on IoT@Intel.


Source: Network News

Future of Brick and Mortar Begins With Responsive Retail: 7 Questions With JDA

We recently had the pleasure of sitting down with JDA Software GVP Product Strategy Todd McCourtie to discuss the future of brick-and-mortar stores. Successful retailing comes down to one thing: getting the right product into shoppers’ hands. That may sound simple, but success requires inventory accuracy, efficient sales associates and the flexibility to quickly adapt to shoppers’ needs in near-real time. That said, thanks to today’s emerging retail technology solutions I’m convinced that the retail industry’s future has never looked brighter! –Stacey Shulman

A picture of clothes on hangers.

Q: To start off, what are some of the challenges you see brick-and-mortar retailers facing that technology solutions can help solve?

A: Today’s retailers are looking for answers to the same questions that have always challenged the retail industry. How do I manage my inventory? How do I deliver a great customer experience? Moreover, how do I optimize my workforce for maximum results? Technology can help here, but what has really emerged is that as some retailers have tried to solve these challenges they’ve ended up cobbling together islands of technology. So it’s been very difficult for them to get that full 360-degree view of the store that leads to actionable results. I think that’s where we see opportunities emerging through technology solutions that can seamlessly support retailers with their immediate problem, which is how can they make sure they’ve got their inventories in the right place in the store.

 

Q: Can you talk a bit about how improving inventory management can solve several retail issues at once?

A: There’s a couple things. First, it’s not just a missed sale if the inventory is not in its place, but it affects the customer experience. Whether a retailer offers an inviting and easy-to-understand sales process is completely irrelevant if the product isn’t on the shelf. So, to me, that’s where it starts. If retailers have inventory visibility they can start to do localization because they’re seeing the real-time demand. A great example that focuses on localization is the question of why do sweaters arrive at Phoenix, Arizona, stores in May? It makes absolutely no sense. If near-real-time inventory management solutions are in place, then retailers have insights into the buying habits of individual stores and communities. They can then instantly replenish inventory, or not, based on the demands they’re getting from the store.

 

Q: How are JDA and Intel technology solutions uniquely positioned to address the localized inventory management solutions you mentioned?

A: I was hoping you’d ask! I’m excited to share that JDA and Intel have teamed up to offer retailers an intelligent technology solution to help manage and overcome age-old business challenges: the JDA Store Optimizer, supported by the Intel Responsive Retail Sensor. It tracks inventory accurately, so you always know where items are located and how many are in stock while also automatically updating store associates’ tasks. Having near-real-time inventory data makes it easy to run lean, save time and money and replenish products as needed with little risk of shortages, overstocking or preventable returns. The JDA Store Optimizer then uses this precise inventory data to automatically identify, prioritize and assign tasks that sales associates need to carry out to optimize operational efficiency, while freeing the store manager to spend more time making decisions that will improve store performance and increase revenue.

To put it simply, we know the future of retail because we’re building it with Intel. So we see the problems of today and both companies see what we need to do to solve them, but with an eye to the future.

 

Q: Data security is a hot topic these days. How is that being addressed with this retail technology solution?

A: When we deal with privacy, we always talked about opt-in [being] enabled right into the platform. From an application provider perspective, the core platform is built from the ground up with security in mind. We also want to make sure that data can be isolated per application, so that if a retailer has their specific set of data they’re bringing, it’s only for them and they know they can trust that verified data. So, that kind of end-to-end security is built in from the ground up. Then there’s end-to-end data encryption, as well, to help guarantee the security and privacy of the data.

 

Q: What about privacy? How is that being addressed with this solution?

A: From my perspective, privacy is very personal. Some people are completely OK with giving that away; other people are very guarded about it. Only 43 percent of shoppers say they are comfortable giving up personal data to a retailer — even if it is to improve their shopping experience. This is a relevant and prescient issue to retailers today. And so, when we’ve tried to approach it, we’ve said there needs to be a way to opt in; a loyalty program is a great way to do that, for example.

 

Q: Can you give us an example of some of the early results you’re seeing from a retailer that has piloted the JDA Store Optimizer?

A: I certainly can. We’re working with a specialty retailer in North America and are excited to see that we’re getting enormous response. I just received an email stating how pleased the associates are in that environment because they’re able to spend more time focusing on relevant customer engagement and that’s great news for us to hear. We know that this is so important from data that we have about customer behavior. Most consumers say that they want associates who are more knowledgeable and will leave a store empty-handed if they do not get the right person with knowledge to help them with purchasing products. A recent study shows that two in three shoppers who tried to find information within a store say they did not find all the information they needed; when they were unable to find the complete information, 43 percent of customers left the store frustrated; 22 percent said they were less likely to buy from that retailer and 41 percent more likely to shop elsewhere. It is so important to have engaged, knowledgeable and able sales associates and the JDA Store Optimizer enables sales associates to get back to the business of being available to customers rather than just running around the store in search of inventory.

 

Q: How do you see artificial intelligence coming to bear and being a part of this platform in the future?

A: Artificial intelligence can help us precisely because we don’t live in a static world. If store shelves were always perfectly stocked and arranged then we probably wouldn’t have much of a need for it. But we live in reality. People buy things so the stock is changing constantly. Things are shuffled as people look at them. Customer behavior enables an opportunity to use pattern matching and artificial intelligence to really go look at those environments and say, hey, these events have happened where there’s a $5 item covering a $100 item that was really supposed to be on display; let’s have an associate go fix that to give me insight into the ROI of an endcap. Was it actually stocked properly? Did people interact with it? I think we can learn over time, make it much better and make that store truly responsive. In a way, the store itself is learning. The platform helps the store learn so it can keep up in near-real time with the changes that are happening in consumer behavior and the retail environment. Moreover, there’s no lag time. You’re not being caught unaware.

Visit intel.com/retail to learn more about how Intel technology is shaping the future of responsive retail. To stay informed about Intel IoT developments, subscribe to our RSS feed for email notifications of blog updates, or visit intel.com/IoTLinkedInFacebook and Twitter.

The post Future of Brick and Mortar Begins With Responsive Retail: 7 Questions With JDA appeared first on IoT@Intel.


Source: Network News