Big data is touted as a ‘transformative’ technology for security event analysis – with promises that it will detect threats in the ever-increasing volume of event data generated from in-house, mobile, and cloud-based services. We hear big data will do more, do it better, and cost less. IT and security personnel, having seen this type of hyperbole many times, are justifiably skeptical: we have been promised rainbows and flying unicorns before. The combination of industry hype, vendor positioning, and general confusion in the press about the meaning of big data make seasoned security folks all the more wary. But big data’s hype is not just hot air – it genuinely addresses fundamental scalability and detection problems that can cripple current analytics systems. Big data is a huge step forward.
To address the questions we received from end users, this research paper covers four main topics:
- Describe what security analytics with big data is and what it looks like
- Discuss how it is different than past tools and platforms
- Discuss the main use cases
- What type of solution would be right for you
If you are going to “roll your own” big data security analytics cluster, this research provides a sample of what other firms are doing, architectures they use, and the underlying components they leverage to support their work. It will help you understand what types of data you probably already have at your disposal, and what observations you can derive from it.
If you are looking to acquire a big data analytics solution this research will help you understand potential risks in realizing your investment and help with rollout and integration.
We hope you find this information helpful, and as always please ask questions or provide feedback on the blog.