BLOG: The Big Data security analytics trifecta

Jon Oltsik | July 4, 2013
Best solutions will collect, process, analyse, and correlate data in three key areas.

Now think about analysing these three types of data in concert: The network displays anomalous behavior that is correlated against recent threat intelligence. This may indicate that a Windows system has been compromised by a new strain of malware aimed at a particular version of the Firefox browser. The malware is delivered through a compromised URL and JavaScript. Analysts can then determine which systems have Firefox installed, which users are apt to use Firefox rather than Chrome or IE, which have JavaScript enabled, which VLANs these users are on, which departments they are in, etc. Whether this analysis is automated or manual, access to all of this data will certainly help speed things along.

I know this is a simple example and organizations with strong security could probably figure this out today. True, but how long would it take them, how many people would be required, and how many tools might be involved? When big data security analytics encompasses network behavior, state, and security intelligence, it will make this process more efficient, effective and a whole lot easier. 
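The correlation described above can be sketched in a few lines of Python. This is an added example, not code from the article or from ESG; every host, user, VLAN, browser version and URL in it is constructed sample data, and the field names and tier labels are assumptions made for illustration.

```python
# Constructed sample data; hosts, users, versions and URLs are illustrative only.
THREAT_INTEL = {"os": "windows", "browser": "firefox", "versions": {"21.0"},
                "needs_js": True, "urls": {"http://compromised.example/landing"}}

ENDPOINTS = [  # endpoint state: installed software, settings, network placement
    {"host": "ws-014", "user": "alice", "os": "windows", "vlan": 20, "dept": "finance",
     "browsers": {"firefox": "21.0", "ie": "10"}, "default": "firefox", "js": True},
    {"host": "ws-022", "user": "bob", "os": "windows", "vlan": 20, "dept": "finance",
     "browsers": {"firefox": "21.0"}, "default": "firefox", "js": True},
    {"host": "ws-031", "user": "carol", "os": "windows", "vlan": 30, "dept": "hr",
     "browsers": {"firefox": "21.0", "chrome": "27"}, "default": "chrome", "js": True},
    {"host": "ws-040", "user": "erin", "os": "windows", "vlan": 30, "dept": "hr",
     "browsers": {"firefox": "21.0"}, "default": "firefox", "js": False},
    {"host": "mac-007", "user": "dave", "os": "macos", "vlan": 40, "dept": "design",
     "browsers": {"firefox": "21.0"}, "default": "firefox", "js": True},
]

NETWORK_ANOMALIES = [  # anomalous connections flagged by network monitoring
    {"host": "ws-014", "url": "http://compromised.example/landing"},
    {"host": "mac-007", "url": "http://compromised.example/landing"},
]

def is_vulnerable(ep, intel):
    """Endpoint state matches the configuration the threat intelligence describes."""
    version = ep["browsers"].get(intel["browser"])
    return (ep["os"] == intel["os"] and version in intel["versions"]
            and (ep["js"] or not intel["needs_js"]))

def triage(endpoints, anomalies, intel):
    """Rank hosts by combining network behavior, endpoint state and intelligence."""
    contacted = {a["host"] for a in anomalies if a["url"] in intel["urls"]}
    results = []
    for ep in endpoints:
        vuln, hit = is_vulnerable(ep, intel), ep["host"] in contacted
        if vuln and hit:
            tier = "suspected-compromise"
        elif vuln:
            # Users who default to the affected browser are likelier to be exposed.
            tier = "exposed-likely" if ep["default"] == intel["browser"] else "exposed"
        elif hit:
            tier = "contacted-not-vulnerable"
        else:
            continue  # neither vulnerable nor seen contacting the URL
        results.append({"host": ep["host"], "user": ep["user"], "vlan": ep["vlan"],
                        "dept": ep["dept"], "tier": tier})
    order = ["suspected-compromise", "exposed-likely", "exposed", "contacted-not-vulnerable"]
    return sorted(results, key=lambda r: (order.index(r["tier"]), r["host"]))
```

Each result keeps the VLAN and department of the host, so the same list answers both "who is likely compromised" and "where on the network are the exposed users".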

Note: For those interested in more information about the big data security analytics landscape, go to the ESG web site and download the ESG Market Landscape Report, "The Evolution of Big Data Security Analytics."

 
