Software // Information Management
News
12/11/2013
12:15 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail

Splunk Brings Big Data Into Security Monitoring

Telco IDT taps Splunk to optimize IT and isolate security threats. The next step is spotting marketing opportunities hidden in big data.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
12/16/2013 | 7:33:26 PM
Big Data for other security tools?
While it's nice to see Big Data being used to process SIEM data as it relates to network activity, I'm curious to see if this model will be applied to more proactive security tools to ideally predict attacks based on unusual behaviour.  For example, while it could be used to isolate a machine that is detected to be compromised, what if it was plugged into IDS/IPS, or even Web Application Firewalls (WAF) to say "Hey, this isn't the normal path that network traffic flows, or these files, or system changes aren't normally used in this way." Theoretically this would help reduce the risk of an infected or compromised machine before it even gets past the firewall.
D. Henschen
50%
50%
D. Henschen,
User Rank: Author
12/11/2013 | 1:28:41 PM
App consolidation play
This is obvoiusly a case of application consolidation within IT. Ben-Oni was cagey about the security monitoring system replaced, other than to say it was a "flagship security information and event monitoring system." The home-grown IT troubleshooting app replaced was built on Oracle database, but I'm guessing the slow search speeds had more to do with limited, home-grown functionality than raw database speeds. 
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.