Securing NoSQL Clusters

Presents: Securing NoSQL Clusters
Adrian Lane, CTO, alane@securosis.com, Twitter: @AdrianLane
David Mortman, dmortman@securosis.com, Twitter: @

About Securosis
- Independent analysts with backgrounds on both the user and vendor side.
- Focused on deep technical and industry expertise.
- We like pragmatic.
- We are security guys - that's all we do.

The Research
- How does big data help with security analytics?
- How do I protect data in the cluster?

Encyclopedic Hutton and the Big Data Blues
Image source: Wikipedia, property of Warner Bros.

Management: Get it done!
- More data of more types
- Need forensics
- Need to determine risk
- Need to detect fraud
- Need to detect intrusions
- Need to protect this data
- Need to automate

Shock/Denial
- Security analytics not working!
- My systems won't do the forensics
- Bolt-ons not working with my SIEM or data management systems
- Won't collect the data types I need

Why doesn't my SIEM do this? Isn't that what I already bought?

What SIEM promised

Not really...
- Most SIEMs can't handle the volume of data
- Most SIEMs can't process all data types
- Many are based upon an RDBMS
- Many can't do complex analysis

No problem!
- I'll buy a security analytics platform
- Feed event data in
- Correlate across my SIEM and data warehouse
- Use my existing policies and reports!
Image source: www.nycgo.com

Anger
Image source: nithyananda-cult.blogspot.com

SIEM Mashup (diagram of components: Anti-Fraud, 3rd Party Analytics, MSP & 3rd Party Monitoring, Advanced Malware Protection, DIY Big Data, SIEM, Threat Intelligence, General Purpose Analytics)

Security Analytics Platforms
- Each deals with one use case - customers have several
- Companies need structured, unstructured and semi-structured data analysis
- Use different platforms internally; some piggyback on select SIEMs, some are standalone
- Real time _or_ forensic, not both
- Vendors offer one or two analysis approaches
- RESTful APIs not available

Bargaining
Image source: larainydays.blogspot.com

The Inevitable Questions:
- Bunch of previously acquired technologies - how do we fit them together?
- What is the rest of the industry doing?
- Where are the enterprise grade analytics tools?
- Who handles fraud and risk and security intelligence and threat analytics?
- Where do I go to find people?

Encyclopedia Hutton Asks Friends For Advice

DIY Security Analytics!
- Use Big Data - it scales
- It handles many types of data
- You can customize as you see fit
- It's designed to support analytics

Hadoop lets you do all this and more - virtually free analytics tools on commodity hardware!
Image courtesy of pragsis.com

Big Data Will Save The Day!
Image source: Problogger.net

How does big data help?
- Performance
- Scalability
- Data volume
- Data types
- Fast lookup or fast analysis
- Flexibility

Depression
- Build everything from scratch?
- Do you know how much this will cost?
- All new software
- All new systems
- Data architects, statisticians and security pros
Image source: monkeysbadmonkeys.wordpress.com

Big Data is Supposed to Address My Problems

Getting control is not easy
- I don't know what I don't know!
- What pieces do I need?
- How do I organize data?
- How will I manage something this complex?
- How do I secure this critical data?

It's all new
- Pig? Hive? Flume? What does it mean?
- What exactly is a data architect?
- It's not SQL? Can I run queries across databases?
- How does it scale? Key data on what values?
- How do I secure it?

NoSQL Cluster Architecture (diagram: Client, Resource Manager, and Node Managers each hosting App and Data; links labelled Client Job Request, Node Status, M-R Status, Resource Request)

Hadoop Stack

Talent Gap
- Early days for big data
- No in-house data scientist
- Programmers needed
- Just figuring out what we can do with NoSQL
- DIY Analytics
- Today vendors don't know much more than you
Image source: http://flic.kr/p/efqfy9

Integration Issues
- APIs inconsistent/unavailable
- Log management & data collection
- Peer to peer queries and results

Acceptance
- Taking on the task that is security analytics with big data.
- Realizing that platforms like Hadoop are the first step.
- Cluster security can be done.
- With the right skills, they can be leveraged to great effect.

Building the machine

Applied Big Data
- Start with metrics
- Build a model (aka have a theory)
- Test it!
- Having a data scientist type helps

GQM: Goal, Question, Metric

Example - NIST CSF (Goal)
ID.AM: The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization's risk strategy.

Example - NIST CSF (Questions)
- Are network ingress points documented?
- Are network egress points mapped?
- Are data flows mapped?

Example - NIST CSF (Metrics)
- # of undocumented ingress points
- # of undocumented egress points
- # of undocumented data flows
- % of business units/business processes/etc. without data flow diagrams
- % of business units/business processes/etc. with data flow diagrams

SIRA - NIST CSF http://nistcsf.societyinforisk.org

Different Flavors of NoSQL
- Hadoop - Universal M-R for huge data sets. Great for search, log analysis, ad-hoc queries.
- Cassandra - Columnar store. Indexed. Best for writing lots of data quickly, few lookups. Highly distributable.
- CouchDB - General purpose analytics database. Fast insert/few changes. Pre-defined queries.
- Riak - Super-fast data lookup - like Dynamo - but with data management and scalability. Control system logs and fast devices.
- Redis - Fast changing data. In memory.

Operational Issues
- Node & app validation
- Admin access
- Data at rest
- Monitoring
- Config. management

Big Data Security Architectures

Model 1: Walled Garden

So if I put a firewall around it

Model 1: Walled Garden
- Think mainframe security silo
- Basically hide the cluster behind a firewall
- User passwords
- Network segmentation, SSL

Beyond the Status Quo http://www.despair.com/tradition.html

Model 2: App Protected

Model 2: App Protected
- Authenticate applications
- Authenticate users
- Authorize data access (roles)
- Filter API requests
- Audit activity

Model 3: Data Centric Approach
- Tokenization
- Encryption
- Masking

Securosis Data Breach Triangle: Exploit, Egress, Data

Tokenization, FPE & Masking

Model 3: Data Centric Approach
- Protect data before it's put into the cluster
- Can't steal what's not there
- Removal: Masking
- Removal: Tokenization
- Protection: Encryption
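As an added illustration of the two removal techniques on this slide (this is not code from the deck or from Securosis), the following Python keeps a token vault outside the cluster and masks e-mail addresses, so the records that are actually ingested carry none of the original values. The sample records, field names and card numbers are constructed; encryption is left out because it needs a cipher library.

```python
import secrets

# Constructed sample records (made-up test card numbers); these never reach the cluster as-is.
RECORDS = [
    {"txn": "t-1001", "card": "4111111111111111", "email": "alice@example.com", "amount": 42.50},
    {"txn": "t-1002", "card": "4111111111111111", "email": "bob@example.com", "amount": 19.99},
]


class TokenVault:
    """Maps a real value to a random, format-preserving token. The vault lives
    outside the cluster, so a cluster compromise yields tokens, not card numbers."""

    def __init__(self):
        self._to_token = {}
        self._to_value = {}

    def tokenize(self, value: str) -> str:
        # Same input -> same token, so analytics can still group by card without seeing it.
        if value in self._to_token:
            return self._to_token[value]
        while True:
            # Keep the last four digits (common for support workflows), randomize the rest.
            prefix = "".join(str(secrets.randbelow(10)) for _ in range(len(value) - 4))
            token = prefix + value[-4:]
            # Reject the (astronomically unlikely) collision with an existing token or the value itself.
            if token not in self._to_value and token != value:
                break
        self._to_token[value] = token
        self._to_value[token] = value
        return token

    def detokenize(self, token: str) -> str:
        # Only callers with access to the vault (outside the cluster) can reverse a token.
        return self._to_value[token]


def mask_email(email: str) -> str:
    """Masking is irreversible: keep only enough shape to recognise the field."""
    local, _, domain = email.partition("@")
    return (local[:1] or "*") + "***@" + domain


def prepare_for_cluster(record: dict, vault: TokenVault) -> dict:
    """Return the copy of the record that is safe to load into the cluster."""
    safe = dict(record)
    safe["card"] = vault.tokenize(record["card"])
    safe["email"] = mask_email(record["email"])
    return safe
```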

Model 4: Deploy in The Cloud

Given general knowledge of Cloud & NoSQL security, some of you are thinking this does not end well

Reality is different
- Security zones
- Data encryption
- Built-in SSL
- Authentication
- Hyper-segregation
- Logging, monitoring
- Automated config management

Model 4: Leverage Cloud Security
- Data encryption (SSL, encrypted storage)
- Key management services
- Security zones
- Authentication services
- Server management (config, patch)
- Logging & monitoring services

Easy? No.
Big Data security is not easy:
- Complex environments
- No clear definition
- Lots of new research
- Pragmatic approach
- Many more issues
- Ongoing research project

Adrian Lane, Securosis, L.L.C.
David Mortman, Dell, Inc.