How To Apply Big Data Security Analytics to Detect Advanced Threats and Breaches

System

How To Apply Big Data Security Analytics to Detect Advanced Threats and Breaches

To detect network threats, IT security teams must focus on real-time monitoring, extending the net of data capture, applying context to information being collected.

Read the full story here

JLund

The Security Infrastructure is only one facet of Big Data. Big Data Tools shine at dealing with unstructured data which is typical of device/system logs. On the other hand SIEM tools based on RDBMS are weak at this because of the difficulty of dealing with real time events & stored events at the same time. The large growth of stored events diminishes the responsiveness of real time requests. There reaches a point where it is necessary to erase "old" data to keep real time response times acceptable. This is totally unacceptable for Data Forensics, Regulatory Law Compliance & thus we are far from Big Data. Now whether it be RDBMS or Hadoop, Big Data will require costly & lengthy developments even before analyzing a single byte of Data and so most organizations will not go along with that. But there are commercial flat file systems out there like Secnology. Then of course as there is no "magic software", it'll take a Data Expert to harness the analytics.