Splunk Brings Big Data Into Security Monitoring - InformationWeek
IoT
IoT
Software // Information Management
News
12/11/2013
12:15 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail

Splunk Brings Big Data Into Security Monitoring

Telco IDT taps Splunk to optimize IT and isolate security threats. The next step is spotting marketing opportunities hidden in big data.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
12/16/2013 | 7:33:26 PM
Big Data for other security tools?
While it's nice to see Big Data being used to process SIEM data as it relates to network activity, I'm curious to see if this model will be applied to more proactive security tools to ideally predict attacks based on unusual behaviour.  For example, while it could be used to isolate a machine that is detected to be compromised, what if it was plugged into IDS/IPS, or even Web Application Firewalls (WAF) to say "Hey, this isn't the normal path that network traffic flows, or these files, or system changes aren't normally used in this way." Theoretically this would help reduce the risk of an infected or compromised machine before it even gets past the firewall.
D. Henschen
50%
50%
D. Henschen,
User Rank: Author
12/11/2013 | 1:28:41 PM
App consolidation play
This is obvoiusly a case of application consolidation within IT. Ben-Oni was cagey about the security monitoring system replaced, other than to say it was a "flagship security information and event monitoring system." The home-grown IT troubleshooting app replaced was built on Oracle database, but I'm guessing the slow search speeds had more to do with limited, home-grown functionality than raw database speeds. 
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll