Building a Security Analytics Initiative

Jan 28, 2015

Many security teams empathize with Italian artist Sven Sachsalber, who recently spent 48 hours in a Paris museum looking for a needle in a haystack. At least Sachsalber knew what he was seeking, and the haystack didn't keep increasing in size every hour. Those responsible for network security should be so lucky.

In the face of huge and diverse stores of data, many enterprises are turning to big data analytics to help find threats faster and with more accuracy. Threat detection methods based solely on known elements, such as whitelists and blacklists, signature lists, and rule lists, aren't effective against the unknown. However, searching through vast amounts of data can unearth clues that make anomaly detection techniques more effective in spotting malicious activity, while behavioral analytics can better distinguish between legitimate and suspicious users. Gartner predicts that by 2016 more than 25% of global firms will adopt big data analytics for security and fraud detection.

In this report, we discuss tools and methods for harnessing all available security information and for building a forensic analysis process that can lead to faster identification of targeted attacks and to better strategies for enterprise data defense.

Research Report