Getting the Most Out of SIEM. Presentation Title. Data in Big Data. Presented By: Dr. Char Sample, CERT
|
|
- Angel Dennis
- 8 years ago
- Views:
Transcription
1 Getting the Most Out of SIEM Presentation Title Data in Big Data Presented By: Dr. Char Sample, CERT
2 Acknowledgements Dr. Ben Shniederman, UMD Big Data Big Insights George Jones, John Stogoski, CERT Alternatives to Signatures Gartner, Reality Check for Cybersecurity and Fraud Caltagirone, Pendergast & Betz, The Diamond Model of Intrusion Analysis Bhattacharya & Mitra Analytics on Big Fast Data Using Real Time Stream Data Processing Architecture 2
3 Introduction Defining Big Data Big Data Issues What feeds BD The signal to noise problem Gaining insights 3
4 What is Big Data? Lots of noise! We are drowning in information, but starved for knowledge John Naisbitt So much noise that finding the signal is difficult. Data scientists Data visualization The goal is to find ways to make sense out of the noise that works for you! 4
5 What is Big Data? What is different? Volume Variety Velocity What is common? Flow data Date/time stamps 5
6 BD - Components Security BD comes from many sources: Proxy logs, metadata, security logs (firewall, IDS, IPS, Authentication, HBSS), DNS & DHCP logs, query logs, badge data, netflow, crash-dump analysis, SIEM data, news events*. Hunt teams intuitive engineers Threat intelligence News sources 6
7 BD Characteristics - Events Events Methods tend to be intuitive Temporal Events Network Tree Event processing Signature: challenge signatures miss to (False negative) much AD: challenge = inform decisions, in a timely manner. (False positive) Probabilistic vs possibilistic 7
8 BD Characteristics - Provenance Provenance How to find ground truth data. What is the quality of the data that you are examining? Where is the data from? How did it get there? Why is data provenance is important? 8
9 Signal / Noise How do we separate? Shniederman, UMD: Overview, zoom, filter, details on demand Gartner: Start small and infuse with data analytics with contextual data and analytics Regardless of approach, the role of the human continues to grow, along with the complexity of that role. 9
10 Signal / Noise Shneiderman Start large, understand the entire picture, then look for something amiss. Zoom in on items of interest. 10
11 Signal / Noise Gartner Start small and pick a project where you can see results. Eventually broaden adoption of big data analytics across multiple applications. 11
12 BD Architecture 12
13 BD Processing Architecture 13
14 BD Architecture - Gartner 14
15 Signal / Noise Visualization tools Time (Palantir, Time Searcher, Lifelines) Network (Tom Sawyer, Pajek, Gephi) Trees (SpaceTree, TreeMap) Search Clusters Anomalies 15
16 Signal / Noise Efficient storage algorithms exist Retrieval algorithms Why this problem exists Other security issues Use of BD to predict events Clusters Markov 16
17 Signal / Noise Retrieval issues Query broker Architectural concerns Data node security 17
18 Hadoop Cluster Architecture 18
19 Signal/Noise 19
20 Data Clusters Why do they matter? What application in BD? 20
21 Markov Actually HMM seems to be emerging as the method of choice. Relies on learning algorithms for a data Corruption issue with collected data Kafka & Storm Kafka Message data (LinkedIn) Storm streamed data Probability models for anomalies in the BD. 21
22 Signal / Noise Current security analysis methods rely on a combination of techniques: Hunt teams Log files Attack trees Reputation lists Threat intelligence 22
23 Fusing Much of the work in security relies on human insight to fuse the data. Process lacking Methods lacking Framework lacking 23
24 Conclusions BD, particularly as it pertains to security data, can provide deep insights. Many issues with BD remain but certain areas, such as BD architecture appear to be starting to stabilize. Risk modeling for BD architectures will need to focus both inward and outward. An essential component will be the mix of personnel working together. Do NOT be intimidated, no one knows everything about BD, if they say they do, they are lying. 24
25 Q&A Questions & Answers
26 Backup Slides
27 Hunt Team Semantic Engines 27
28 DNS Mined Data Detecting Newly Active Domains Often times a fast flux behavior Usually gray listed Can check to learn more about the address space, who allocates the space. Sometimes information about the owner of the space can provide insights. 28
29 Reputation lists 29
30 Network Profiling Understanding the network. Tools like Flow & Wireshark can assist What about the use of deception technologies & techniques? 30
Secure Because Math: Understanding ML- based Security Products (#SecureBecauseMath)
Secure Because Math: Understanding ML- based Security Products (#SecureBecauseMath) Alex Pinto Chief Data Scientist Niddel / MLSec Project @alexcpsec @MLSecProject @NiddelCorp MLSec Project / Niddel MLSec
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationBig Data & Security. Aljosa Pasic 12/02/2015
Big Data & Security Aljosa Pasic 12/02/2015 Welcome to Madrid!!! Big Data AND security: what is there on our minds? Big Data tools and technologies Big Data T&T chain and security/privacy concern mappings
More informationWHITE PAPER: THREAT INTELLIGENCE RANKING
WHITE PAPER: THREAT INTELLIGENCE RANKING SEPTEMBER 2015 2 HOW WELL DO YOU KNOW YOUR THREAT DATA? HOW THREAT INTELLIGENCE FEED MODELING CAN SAVE MONEY AND PREVENT BREACHES Who are the bad guys? What makes
More informationSeparating Signal from Noise: Taking Threat Intelligence to the Next Level
SESSION ID: SPO2-T09 Separating Signal from Noise: Taking Threat Intelligence to the Next Level Doron Shiloach X-Force Product Manager IBM @doronshiloach Agenda Threat Intelligence Overview Current Challenges
More informationWhat s New in Security Analytics 10.4. Be the Hunter.. Not the Hunted
What s New in Security Analytics 10.4 Be the Hunter.. Not the Hunted Attackers Are Outpacing Detection Attacker Capabilities Time To Discovery Source: VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT 2 TRANSFORM
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationModule 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration
Module 1: Overview This module provides an overview of the AlienVault Unified Security Management (USM) solution. Upon completing this module, you will meet these objectives: Describe the goal of network
More informationAugmented Search for Software Testing
Augmented Search for Software Testing For Testers, Developers, and QA Managers New frontier in big log data analysis and application intelligence Business white paper May 2015 During software testing cycles,
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationQRadar SIEM and Zscaler Nanolog Streaming Service
QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets
More informationPOWERFUL SOFTWARE. FIGHTING HIGH CONSEQUENCE CYBER CRIME. KEY SOLUTION HIGHLIGHTS
ADVANCED CYBER THREAT ANALYTICS POWERFUL SOFTWARE. FIGHTING HIGH CONSEQUENCE CYBER CRIME. Wynyard Advanced Cyber Threat Analytics (ACTA) is a Pro-active Cyber Forensics solution that helps protect organisations
More informationHow To Create A Data Science System
Enhance Collaboration and Data Sharing for Faster Decisions and Improved Mission Outcome Richard Breakiron Senior Director, Cyber Solutions Rbreakiron@vion.com Office: 571-353-6127 / Cell: 803-443-8002
More informationDYNAMIC DNS: DATA EXFILTRATION
DYNAMIC DNS: DATA EXFILTRATION RSA Visibility Reconnaissance Weaponization Delivery Exploitation Installation C2 Action WHAT IS DATA EXFILTRATION? One of the most common goals of malicious actors is to
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationSome Research Challenges for Big Data Analytics of Intelligent Security
Some Research Challenges for Big Data Analytics of Intelligent Security Yuh-Jong Hu hu at cs.nccu.edu.tw Emerging Network Technology (ENT) Lab. Department of Computer Science National Chengchi University,
More informationlocuz.com Big Data Services
locuz.com Big Data Services Big Data At Locuz, we help the enterprise move from being a data-limited to a data-driven one, thereby enabling smarter, faster decisions that result in better business outcome.
More informationSIMPLE MACHINE HEURISTIC INTELLIGENT AGENT FRAMEWORK
SIMPLE MACHINE HEURISTIC INTELLIGENT AGENT FRAMEWORK Simple Machine Heuristic (SMH) Intelligent Agent (IA) Framework Tuesday, November 20, 2011 Randall Mora, David Harris, Wyn Hack Avum, Inc. Outline Solution
More informationNEEDLE STACKS & BIG DATA: USING EVENT STREAM PROCESSING FOR RISK, SURVEILLANCE & SECURITY ANALYTICS IN CAPITAL MARKETS
NEEDLE STACKS & BIG DATA: USING PROCESSING FOR RISK, SURVEILLANCE & SECURITY ANALYTICS IN CAPITAL MARKETS JERRY BAULIER, DIRECTOR, PROCESSING DAVID M. WALLACE, GLOBAL FINANCIAL SERVICES MARKETING MANAGER
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More informationLeading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA
Leading The World Into Connected Security Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA History of Defining Largest Dedicated Delivering a Next Generation Architecture
More informationBig Data Architectures: Concerns and Strategies for Cyber Security
Big Data Architectures: Concerns and Strategies for Cyber Security David Blockow Software Architect, Data to Decisions CRC david.blockow@d2dcrc.com.au au.linkedin.com/in/davidblockow Executive summary.
More informationAdvanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationCloud and Critical Infrastructures how Cloud services are factored in from a risk perspective
Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security
More informationIBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Many enterprise organizations claim that they already
More informationAugmented Search for IT Data Analytics. New frontier in big log data analysis and application intelligence
Augmented Search for IT Data Analytics New frontier in big log data analysis and application intelligence Business white paper May 2015 IT data is a general name to log data, IT metrics, application data,
More information100 Hamilton Avenue Palo Alto, California 94301 PALANTIR CYBER. An End-to-End Cyber Intelligence Platform
100 Hamilton Avenue Palo Alto, California 94301 PALANTIR CYBER An End-to-End Cyber Intelligence Platform Palantir Cyber: An End-to-End Cyber Intelligence Platform 2 TABLE OF CONTENTS 3 4 6 14 Introduction
More informationWhite Paper: Leveraging Web Intelligence to Enhance Cyber Security
White Paper: Leveraging Web Intelligence to Enhance Cyber Security October 2013 Inside: New context on Web Intelligence The need for external data in enterprise context Making better use of web intelligence
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationTIBCO Cyber Security Platform. Atif Chaughtai
TIBCO Cyber Security Platform Atif Chaughtai 2 TABLE OF CONTENTS 1 Introduction/Background... 3 2 Current Challenges... 3 3 Solution...4 4 CONCLUSION...6 5 A Case in Point: The US Intelligence Community...7
More informationEnterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Large organizations have spent millions of dollars on security
More informationThe Big Data Paradigm Shift. Insight Through Automation
The Big Data Paradigm Shift Insight Through Automation Agenda The Problem Emcien s Solution: Algorithms solve data related business problems How Does the Technology Work? Case Studies 2013 Emcien, Inc.
More informationNiara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined
Niara Security Intelligence Threat Discovery and Incident Investigation Reimagined Niara enables Compromised user discovery Malicious insider discovery Threat hunting Incident investigation Overview In
More informationDetecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.
Detecting Anomalous Behavior with the Business Data Lake Reference Architecture and Enterprise Approaches. 2 Detecting Anomalous Behavior with the Business Data Lake Pivotal the way we see it Reference
More informationSymantec Enterprise Firewalls. From the Internet Thomas Jerry Scott
Symantec Enterprise Firewalls From the Internet Thomas Symantec Firewalls Symantec offers a whole line of firewalls The Symantec Enterprise Firewall, which emerged from the older RAPTOR product We are
More informationAlienVault Unified Security Management Solution Complete. Simple. Affordable Life Cycle of a log
Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat
More informationSecurity Analytics for Smart Grid
Security Analytics for Smart Grid Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC robert.griffin@rsa.com blogs.rsa.com/author/griffin @RobtWesGriffin 1 No Shortage of Hard
More informationDecoding DNS data. Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs
Decoding DNS data Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs The Domain Name System (DNS) is a core component of the Internet infrastructure,
More informationQRadar SIEM and FireEye MPS Integration
QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More informationInformation Security, PII and Big Data
ITU Workshop on ICT Security Standardization for Developing Countries (Geneva, Switzerland, 15-16 September 2014) Information Security, PII and Big Data Edward (Ted) Humphreys ISO/IEC JTC 1/SC 27 (WG1
More informationUsing LYNXeon with NetFlow to Complete Your Cyber Security Picture
Using LYNXeon with NetFlow to Complete Your Cyber Security Picture 21CT.COM Combine NetFlow traffic with other data sources and see more of your network, over a longer period of time. Introduction Many
More informationSplunk: Using Big Data for Cybersecurity
Next Session Begins at 14:40 Splunk: Using Big Data for Cybersecurity Joe Goldberg Splunk Splunk: Using Big Data for Cybersecurity Joseph Goldberg Splunk Advanced Threats in the Headlines Cyber Criminals
More informationGOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS. Joe Goldberg. Splunk. Session ID: SPO-W09 Session Classification: Intermediate
GOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS Joe Goldberg Splunk Session ID: SPO-W09 Session Classification: Intermediate About Me Joe Goldberg Current: Splunk - Security Evangelist
More informationClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014
1 ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014 About the Presenters Ms. Irene Selia, Product Manager, ClearSkies SecaaS SIEM Contact: iselia@odysseyconsultants.com,
More informationCritical Security Controls
Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security
More informationSecurity Visualization Past, Present, Future
Security Visualization Past, Present, Future Greg Conti West Point @cyberbgone http://dl.acm.org/citation.cfm?id=2671501 http://link.springer.com/chapter/10.1007%2f978-3-540-85933-8_11 http://images.cdn.stuff.tv/sites/stuff.tv/files/styles/big-image/public/25-best-hacker-movies-ever-the-matrix.jpg?itok=kiwtknw1
More informationBig Data for Big Value @ Intel
Big Data for Big Value @ Intel Moty Fania, PE Big data Analytics Assaf Araki, Sr. Arch. Big data Analytics Advanced Analytics team @ Intel IT Corporate ownership of advanced analytics Team charter Solve
More informationThreatSpike Dome: A New Approach To Security Monitoring
ThreatSpike Dome: A New Approach To Security Monitoring 2015 ThreatSpike Labs Limited The problem with SIEM Hacking, insider and advanced persistent threats can be difficult to detect with existing product
More informationAugust 2011. Investigating an Insider Threat. A Sensage TechNote highlighting the essential workflow involved in a potential insider breach
August 2011 A Sensage TechNote highlighting the essential workflow involved in a potential insider breach Table of Contents Executive Summary... 1... 1 What Just Happened?... 2 What did that user account
More informationBIG DATA IN THE CLOUD : CHALLENGES AND OPPORTUNITIES MARY- JANE SULE & PROF. MAOZHEN LI BRUNEL UNIVERSITY, LONDON
BIG DATA IN THE CLOUD : CHALLENGES AND OPPORTUNITIES MARY- JANE SULE & PROF. MAOZHEN LI BRUNEL UNIVERSITY, LONDON Overview * Introduction * Multiple faces of Big Data * Challenges of Big Data * Cloud Computing
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationDetect & Investigate Threats. OVERVIEW
Detect & Investigate Threats. OVERVIEW HIGHLIGHTS Introducing RSA Security Analytics, Providing: Security monitoring Incident investigation Compliance reporting Providing Big Data Security Analytics Enterprise-wide
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationAugmented Search for Web Applications. New frontier in big log data analysis and application intelligence
Augmented Search for Web Applications New frontier in big log data analysis and application intelligence Business white paper May 2015 Web applications are the most common business applications today.
More informationVISIBLY BETTER RISK AND SECURITY MANAGEMENT
VISIBLY BETTER RISK AND SECURITY MANAGEMENT Mason Hooper Practice Manager, SIEM Solutions, McAfee APAC December 13, 2012 Oct 17 10:00:27, Application=smtp, Oct 17 10:00:27, Application=smtp, Event='Email
More informationAlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals
AlienVault Unified Security Management (USM) 5.x Policy Management Fundamentals USM 5.x Policy Management Fundamentals Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,
More informationPresented by: Aaron Bossert, Cray Inc. Network Security Analytics, HPC Platforms, Hadoop, and Graphs Oh, My
Presented by: Aaron Bossert, Cray Inc. Network Security Analytics, HPC Platforms, Hadoop, and Graphs Oh, My The Proverbial Needle In A Haystack Problem The Nuclear Option Problem Statement and Proposed
More informationBeyond Check The Box
Beyond Check The Box Powering Intrusion Investigations PRESENTED BY: Jim Aldridge 27 MARCH 2014 Five Important Capabilities Mapping an IP address to a hostname Identifying the systems to which a specified
More informationCyber Situational Awareness for Enterprise Security
Cyber Situational Awareness for Enterprise Security Tzvi Kasten AVP, Business Development Biju Varghese Director, Engineering Sudhir Garg Technical Architect The security world is changing as the nature
More informationTowards Threat Wisdom
Towards Threat Wisdom Duncan Brown dbrown@idc.com @duncanwbrown What our world looks like Incidents Threats 48% 1 1mpd 2 Infections x14 3 Sources: 1. PwC, The Global State of Information Security Survey
More informationTaking Data Analytics to the Next Level
Taking Data Analytics to the Next Level Implementing and Supporting Big Data Initiatives What Is Big Data and How Is It Applicable to Anti-Fraud Efforts? 2 of 20 Definition Gartner: Big data is high-volume,
More informationMucho Big Data y La Seguridad para cuándo?
Mucho Big Data y La Seguridad para cuándo? Juan Carlos Vázquez Sales Systems Engineer, LTAM mayo 9, 2013 Agenda Business Drivers Big Security Data GTI Integration SIEM Architecture & Offering Why McAfee
More informationADVANCED KILL CHAIN DISRUPTION. Enabling deception networks
ADVANCED KILL CHAIN DISRUPTION Enabling deception networks Enabling Deception Networks Agenda Introduction Overview of Active Defense Process Orchestration in Active Defense Introducing Deception Networks
More informationHow To Understand The Value Of Big Data
Big Data Is Not Yet Another IT Project Krish Krishnan President, Sixth Sense Advisors Inc Bridge to Big Data Oct 23 rd 2012 Background Applications, OLTP Systems, Traditional Data Warehouse and Business
More information1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India
1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India Call for Papers Colossal Data Analysis and Networking has emerged as a de facto
More informationNiara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning
Niara Security Analytics Automatically detect attacks on the inside using machine learning Automatically detect attacks on the inside Supercharge analysts capabilities Enhance existing security investments
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationUsing SIEM for Real- Time Threat Detection
Using SIEM for Real- Time Threat Detection Presentation to ISSA Baltimore See and secure what matters Joe Magee CTO and Co-Founder March, 27 2013 About us Vigilant helps clients build and operate dynamic,
More informationThreat Intelligence for Dummies. Karen Scarfone Scarfone Cybersecurity
Threat Intelligence for Dummies Karen Scarfone Scarfone Cybersecurity 1 Source Material Threat Intelligence for Dummies ebook Co-authored with Steve Piper of CyberEdge Group Published by Wiley Sponsored
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationSecuring NoSQL Clusters
Presents Securing NoSQL Clusters Adrian Lane, CTO alane@securosis.com Twitter: @AdrianLane David Mortman dmortman@securosis.com Twitter: @ Independent analysts with backgrounds on both the user and vendor
More informationA New Era Of Analytic
Penang egovernment Seminar 2014 A New Era Of Analytic Megat Anuar Idris Head, Project Delivery, Business Analytics & Big Data Agenda Overview of Big Data Case Studies on Big Data Big Data Technology Readiness
More informationEight Essential Elements for Effective Threat Intelligence Management May 2015
INTRODUCTION The most disruptive change to the IT security industry was ignited February 18, 2013 when a breach response company published the first research that pinned responsibility for Advanced Persistent
More informationIBM InfoSphere Guardium for DB2 on z/os Technical Deep Dive
IBM InfoSphere Guardium for DB2 on z/os Technical Deep Dive One of a series of InfoSphere Guardium Technical Talks Ernie Mancill Executive IT Specialist Logistics This tech talk is being recorded. If you
More informationOverview. Security System Administration
Better Tools for System Administration: Enhancing the Human-Computer Interface with Visualization Bill Yurcik Manager, NCSA Security Research National Center for Advanced Secure
More informationHOW TO DO A SMART DATA PROJECT
April 2014 Smart Data Strategies HOW TO DO A SMART DATA PROJECT Guideline www.altiliagroup.com Summary ALTILIA s approach to Smart Data PROJECTS 3 1. BUSINESS USE CASE DEFINITION 4 2. PROJECT PLANNING
More informationHierarchical Data Visualization. Ai Nakatani IAT 814 February 21, 2007
Hierarchical Data Visualization Ai Nakatani IAT 814 February 21, 2007 Introduction Hierarchical Data Directory structure Genealogy trees Biological taxonomy Business structure Project structure Challenges
More informationAGENDA. What is BIG DATA? What is Hadoop? Why Microsoft? The Microsoft BIG DATA story. Our BIG DATA Roadmap. Hadoop PDW
AGENDA What is BIG DATA? What is Hadoop? Why Microsoft? The Microsoft BIG DATA story Hadoop PDW Our BIG DATA Roadmap BIG DATA? Volume 59% growth in annual WW information 1.2M Zetabytes (10 21 bytes) this
More informationAccelOps NOC and SOC Analytics in a Single Pane of Glass Date: March 2016 Author: Tony Palmer, Senior ESG Lab Analyst
ESG Lab Spotlight AccelOps NOC and SOC Analytics in a Single Pane of Glass Date: March 2016 Author: Tony Palmer, Senior ESG Lab Analyst Abstract: This ESG Lab Spotlight details ESG s hands-on testing of
More informationTrends and Research Opportunities in Spatial Big Data Analytics and Cloud Computing NCSU GeoSpatial Forum
Trends and Research Opportunities in Spatial Big Data Analytics and Cloud Computing NCSU GeoSpatial Forum Siva Ravada Senior Director of Development Oracle Spatial and MapViewer 2 Evolving Technology Platforms
More informationBecome a hunter: fi nding the true value of SIEM.
Become a hunter: fi nding the true value of SIEM. When Security Information and Event Management (SIEM) hit the security scene, it was heralded as a breakthrough in threat detection. However, SIEM is just
More informationSERVICE ORIENTED EVENT ASSESSMENT CLOSING THE GAP OF COMPLIANCE MANAGEMENT
IBM Software Group SERVICE ORIENTED EVENT ASSESSMENT CLOSING THE GAP OF COMPLIANCE MANAGEMENT Dieter Riexinger IT Architect 09.10.2009 2009 IBM Corporation Agenda Introduction Legal obligations and regulations
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationEvolution of attacks and Intrusion Detection
Evolution of attacks and Intrusion Detection AFSecurity seminar 11 April 2012 By: Stian Jahr Agenda Introductions What is IDS What is IDS in mnemoic How attacks have changed by time and how has it changed
More informationTORNADO Solution for Telecom Vertical
BIG DATA ANALYTICS & REPORTING TORNADO Solution for Telecom Vertical Overview Last decade has see a rapid growth in wireless and mobile devices such as smart- phones, tablets and netbook is becoming very
More informationSearch and Data Mining: Techniques. Introduction Anna Yarygina Boris Novikov
Search and Data Mining: Techniques Introduction Anna Yarygina Boris Novikov Data Analytics: Conference Sections Fundamentals for data analytics Mechanisms and features Big Data Huge data Target analytics
More informationThe Future of the Advanced SOC
The Future of the Advanced SOC Developing a platform for more effective security management and compliance Steven Van Ormer RSA Technical Security Consultant 1 Agenda Today s Security Landscape and Why
More informationNetwork that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE
Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App
More informationFinance sector application of the SATURN Intelligent Data Analytics and Visualisation Platform
Finance sector application of the SATURN Intelligent Data Analytics and Visualisation Platform A white paper by: Dr Robert Ghanea-Hercock Chief Research Scientist BT Security Futures Practice The finance
More informationHow To Make Data Streaming A Real Time Intelligence
REAL-TIME OPERATIONAL INTELLIGENCE Competitive advantage from unstructured, high-velocity log and machine Big Data 2 SQLstream: Our s-streaming products unlock the value of high-velocity unstructured log
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationCase Study: Real-time Analytics With Druid. Salil Kalia, Tech Lead, TO THE NEW Digital
Case Study: Real-time Analytics With Druid Salil Kalia, Tech Lead, TO THE NEW Digital Agenda Understanding the use-case Ad workflow Our use case Experiments with technologies Redis Cassandra Introduction
More information5 Keys to Unlocking the Big Data Analytics Puzzle. Anurag Tandon Director, Product Marketing March 26, 2014
5 Keys to Unlocking the Big Data Analytics Puzzle Anurag Tandon Director, Product Marketing March 26, 2014 1 A Little About Us A global footprint. A proven innovator. A leader in enterprise analytics for
More informationReal Time Fraud Detection With Sequence Mining on Big Data Platform. Pranab Ghosh Big Data Consultant IEEE CNSV meeting, May 6 2014 Santa Clara, CA
Real Time Fraud Detection With Sequence Mining on Big Data Platform Pranab Ghosh Big Data Consultant IEEE CNSV meeting, May 6 2014 Santa Clara, CA Open Source Big Data Eco System Query (NOSQL) : Cassandra,
More information可 视 化 与 可 视 计 算 概 论. Introduction to Visualization and Visual Computing 袁 晓 如 北 京 大 学 2015.12.23
可 视 化 与 可 视 计 算 概 论 Introduction to Visualization and Visual Computing 袁 晓 如 北 京 大 学 2015.12.23 2 Visual Analytics Adapted from Jim Thomas s slides 3 Visual Analytics Definition Visual Analytics is the
More informationVisualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC
Visualization, Modeling and Predictive Analysis of Internet Attacks Thermopylae Sciences + Technology, LLC Administrative POC: Ms. Jeannine Feasel, jfeasel@t-sciences.com Technical POC: George Romas, gromas@t-sciences.com
More information