DARPA Accepts CASTLE Program Proposals to Strengthen Computer Networks

An ever-expanding cyberattack surface, infrequent IT vulnerability scans, and heavy-handed security procedures create a seemingly unbalanced battle when it comes to defending critical IT assets. Couple these factors with expensive cybersecurity assessments that often lack actionable feedback, and the odds can seem to favor bad actors.

DARPA intends to change that dynamic with a new technology-driven program that can accelerate cybersecurity assessments with automated, repeatable, and measurable approaches.

The CASTLE (Cyber ​​Agents for Security Testing and Learning Environments) program aims to improve cyber testing and assessment by developing a toolkit that instantiates realistic network environments and trains AI agents to defend against advanced persistent cyber threats ( APT). Teams will use a class of machine learning known as reinforcement learning to automate the process of reducing vulnerabilities within a network.

“Attackers often have a better understanding of network vulnerabilities than defenders, but that doesn’t have to be the case,” said Tejas Patel, CASTLE program manager at the Office of Information Innovation. from DARPA. “Reinforcement learning can enable the creation and training of cyber agents that are far more effective than current manual approaches to dealing with APTs in networks.”

Another CASTLE goal is to create open source software that can help network defenders anticipate vulnerabilities that an attacker might exploit. As a significant benefit, the datasets created by the CASTLE software will support open and rigorous evaluation of defensive approaches that will last beyond the life of the program.

More information can also be found in the CASTLE Broad Agency announcement.

Learn more about DARPA

Ryan H. Bowman