Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Big Data Shouldn't Be Big

451 views

Published on

A presentation from Dr Jamie Graves at The Cyber Academy

Published in: Technology
  • Be the first to comment

Big Data Shouldn't Be Big

  1. 1. Big Data Shouldn’t be Big
  2. 2. ZoneFox – Who Are We ? • Spin-out from Edinburgh Napier University • Endpoint Detection and Response
  3. 3. ZoneFox as Big Data • ZoneFox streams and collects endpoint data • On average we write more than 300 million events per day, per client • 1 Trillion events on average for a 500-endpoint customer
  4. 4. How do our Customers use ZoneFox?
  5. 5. What we learned • Theoretical • Practical
  6. 6. In Theory…
  7. 7. “Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate.”
  8. 8. Vs.
  9. 9. • 332 million active users • 300-500 million tweets per- day • 1.65 billion active users • Every 60 Seconds: – 510 Comments – 293,000 statuses – 136,000 photos
  10. 10. Source: Pew Research Center Source: Cowen & Company
  11. 11. $250 Billion$10 Billion
  12. 12. What does Facebook get right? • Meaning • Focus
  13. 13. Meaning • Data is not Information – Relevant vs Irrelevant – Signal to Noise
  14. 14. Focus • Volume • Velocity • Variety = Value
  15. 15. In Practice…
  16. 16. ZoneFox – Architecture Endpoint Agents [Windows, Linux & SQL Server] Collector & Presentation Server(s) [Microsoft Windows] Database, Reporting & Search Server(s) [Ubuntu] Horizontally Scalable. Proven to handle 10,000+ endpoint agents Secure, Highly Compressed Messages Lightweight, Zero-Configuration Agent
  17. 17. ZoneFox Data • Simple Event Model – Machine – User – Process – Object – Behaviour – Time
  18. 18. What Does this Mean? • We’re able to tell when – Bob in HR starts to act like Alice in Engineering – Alice is thinking of leaving the organisation – Eve uses shadow IT out of frustration
  19. 19. Rolling your own • Technology is often immature, resulting in frequent release cycles with breaking changes. • Usually, 1 big data solution solves 1 niche problem • Expect to trade some speed for consistency: getting results faster means you have to compromise on data "freshness"
  20. 20. Rolling your own • Very small talent pool, as most devs won't have much experience with the latest technology X • Security in big data is an actively developing area • Any additional features are usually not available out of the box.
  21. 21. Thanks – Any Questions? Jamie Graves, CEO j.graves@zonefox.com

×