Simon -> Hand over to James for next TALK TRACK
The project is called Apache Metron. It’s an incubating Apache project and we would love for anyone interested to be more involved with it. It’s designed to be a comprehensive view of all cybersecurity data, all accessed through a single pane of glass.
The data comes from multiple sources – security endpoints such as FireEye, Palo Alto and Blue Coat are part of the picture – these companies are doing amazingly well, but from a contextual threat perspective they are part of the story. There are also machine logs, network data and threat intelligence feeds – all together this is collected and then processed through a real-time cyber security engine.
On the other side – the far right-hand side – you see some of the results that are enabled by a full contextual view with real-time stream processing – a search and dashboarding portal (a single pane of glass, as mentioned) and shared community analytics models.
This allows everyone, the community as a whole, to work together to combat cybersecurity threats that are becoming increasingly sophisticated and difficult to counter these days.
A streaming architecture for Cyber Security - Apache Metron
A streaming architecture for Cyber Security with NiFi, Hadoop, Storm and Metron
Simon Elliston Ball
• Product Manager
• Data Scientist
• Elephant herder
Reports of 1.2 Tbps
500,000 devices at peak
DDoS attacks on Dyn DNS services