Big data for security?
Everyone is talking about it, but few people have figured out how to harness it to really improve IT security. It’s not for lack of event data. Security information and event management (SIEM) technology has been collecting lots of information from practically every kind of device on our networks. SIEMs are good at producing reports, but they haven’t excelled at helping us deal with new kinds of advanced threats or at telling us how to use our existing security controls more effectively to protect the business. How do we take the pattern of security issues or vulnerabilities and tell the existing security tools (the firewalls, intrusion prevention systems, etc.) what types of things to look for that are indicative of the security threats that are out there? What is needed is a security monitoring platform that leverages and extends the architecture and analytics of your existing SIEM. Security Analytics redefines SIEM by combining network monitoring, traditional log-centric SIEM, forensics, compliance, and big data management and analytics.