Big data and security intelligence are the two hot security topics in 2012. We are collecting more and more information, not only from the infrastructure but increasingly also directly from our applications. Some companies are moving away from traditional log management and SIEM tools and are deploying big data products. But what is this big data craze all about? Why is it that we have more and more data to look at? And is big data the right approach, or what is missing?
The presentation takes the audience on a journey through big data tools and shows that analytical tools are needed to make use of these infrastructures. How can visualization be used to fill the gap in analytics, to gain situational awareness and build up security intelligence?
1. Visual Analytics and Security Intelligence
Big Data in Action
Nordic Security Conference - August 2012
Raffael Marty
pixlcloud | creating big data stories copyright (c) 2012
2. Doushuai's Three Barriers
'You make your way through the darkness of abandoned grasses in a
search for meaning. As you do, where is the meaning?'
47th case of 'The Gateless Barrier'
a collection of Zen koans
4. Security Intelligence
• Where We Wanna Be
• SIEM, log management
• Changing IT
• Did SIEM keep pace?
• What’s still missing?
• Security Intelligence and Big Data
pixlcloud | creating actionable data insights copyright (c) 2012
16. IT Has Been Changing
“memory has become the new hard
disk, hard disks are the tapes of
years ago” -- unknown source
17. IT Has Been Changing
• Cloud
- on-demand compute resources
- on-demand, limitless storage
- on-demand ‘applications’ (MR, DB, ...)
• New, free search engines
• New data stores and paradigms
• New processing capabilities
20. SIEMs Are Taking Note
• Start to utilize new paradigms (dynamic schema, better scale)
• More in the cloud - hands-off
• Tracking objects (users, machines) --> building models