The security of Big Data is essential at every level within an organization. It is vital to have the tools in place to protect your network, your business, your customers, and all of the Big Data you are harnessing for competitive value. The newest security analytics apps provide analysts with real-time threat intelligence. Apps that combine solid security analytics capabilities with the scale and capacity to handle Big Data make up the next generation of Security Information and Event Management (SIEM) solutions.
With this new generation of enterprise security apps, analysts can ask more difficult, complex security questions of their data by utilizing application-layer attributes. These platforms are capable of capturing, processing, protecting, storing, searching, sharing, analyzing, and visualizing your Big Data. Keep reading to discover the data security analytics companies that are shaping the Big Data and Security space, along with helpful resources for navigating and implementing Big Data and security analytics systems.
Companies and Apps in the Big Data and Security space:
All descriptions are from companies’ websites.
With the Splunk App for Enterprise Security you can use statistics on any data to help find unknown threats, while continually monitoring for known threats detected by traditional security products. The Splunk App for Enterprise Security runs on top of Splunk Enterprise and provides the monitoring, alerting and analytics required to identify and address known and unknown threats. Suitable for a small security team or an enterprise security operations center, the app is the primary data interface for the security professional faced with a growing list of challenges.
Empower IT security with actionable security intelligence pulled from your event and log data. Our industry leading solution helps you to identify threats, detect breaches and manage risks from internal and external sources and provides a cost-effective compliance solution. Collect, analyze and transform Big Data into actionable security intelligence.
Impact 360 Quality Monitoring helps organizations capture, evaluate, and learn from customer interactions, including voice conversations, email, Web chat sessions, and more. This proven software combines monitoring and recording functionality with performance management, analytics, eLearning, and coaching, helping you use data captured from the telephone, email, and Web to increase revenue, enhance customer satisfaction, and manage performance, processes, and costs.
IBM Security Intelligence with Big Data provides exceptional threat and risk detection, combining deep security expertise with analytical insights on a massive scale. For forward-leaning organizations seeking advanced insight into security risks, the IBM solution – including IBM QRadar Security Intelligence Platform and IBM Big Data Platform – provides a comprehensive, integrated approach that combines real-time correlation for continuous insight, custom analytics across massive structured and unstructured data, and forensic capabilities for irrefutable evidence. The combination can help you address advanced persistent threats, fraud and insider threats.
Today [February 25, 2014], RSA and Pivotal announced the availability of a Big Data for Security Analytics reference architecture, providing insights into the visibility, analytics and actionable intelligence organizations need to detect and investigate today’s security threats. RSA Security Analytics, supported by Pivotal Hadoop technology, helps organizations quickly detect, investigate and respond to security incidents before they have the opportunity to impact business. The RSA Pivotal Reference Architecture serves as a guide to organizations looking to create a scalable approach to Security Analytics, and also ties into a wider approach to analytics of IT operations data and the creation of an “IT Data Lake.”
The reality is that your data is under assault from the moment it is collected until the time it is discarded, and security breaches can be costly. That’s why Teradata and Protegrity have partnered to deliver integrated, high performance security solutions designed to meet all of your enterprise security needs.
The Security Analytics Platform by Solera integrates Security Information Event Management (SIEM), Log Management, Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), Deep Packet Inspection, real-time threat intelligence and advanced malware detection tools into the single workflow necessary to combat today’s threats.
Click Security’s real-time security analytics solution can be deployed either as a hosted and managed cloud offering, or as a more traditional customer premise-based solution. In either case, DMUs are deployed within the customer’s network. As well, all threat intelligence and newly discovered artifact analyses are currently performed in the Click Data Center. The customer has a choice between a hosted and managed model or a customer premise-based model for APUs. Following is a high-level deployment diagram that shows example telemetry sources feeding into the DMUs, which subsequently forward data feeds into an APU for analytics processing and analyst interaction.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team.
AlienVault’s Unified Security Management™ (USM) products provide a way for organizations with limited security staff and budget to address compliance and threat management needs. With all of the essential security controls built-in, and continuous threat intelligence updates from AlienVault Labs, USM provides unparalleled security visibility.
SecureVue Log Management & SIEM provides industry leading event and log collection, storage, correlation, reporting, and search functions. The solution supports a broad range of event sources including network infrastructure, security solutions, operating systems, and applications. SecureVue improves on traditional log management through the collection and leverage of important contextual information from additional networked systems including vulnerability scanners, identity and access management systems, and network flow data. The SecureVue solution is also easily extended to support proprietary customer applications and legacy systems.
LogRhythm is the largest and fastest growing independent security intelligence company in the world. The company’s patented and award-winning Security Intelligence Platform, unifying SIEM, log management, file integrity monitoring, network forensics and host forensics, empowers organizations around the globe to detect breaches and the most sophisticated cyber threats of today, faster and with greater accuracy than ever before. LogRhythm also provides unparalleled compliance automation and assurance as well as IT predictive intelligence to Global 2000 organizations, government agencies and mid-sized businesses worldwide.
Our high-performance, powerful security information and event management (SIEM) brings event, threat, and risk data together to provide strong security intelligence, rapid incident response, seamless log management, and extensible compliance reporting. At the core of our SIEM offering, Enterprise Security Manager consolidates, correlates, assesses, and prioritizes security events for both third-party and McAfee solutions. As part of the Security Connected framework, McAfee Enterprise Security Manager tightly integrates with McAfee ePolicy Orchestrator (McAfee ePO) software, McAfee Risk Advisor, and Global Threat Intelligence — delivering the context required for autonomous and adaptive security risk management.
To help you find the needle in the haystack, Packetloop analyzes every packet, conversation, protocol and file for threats and deviations from normal traffic. However, without clear and attractive visualizations it would just be a spreadsheet with rows and columns. Scaling to terabytes of data, in-depth traffic analysis and stunning visualizations is what we are all about at Packetloop. Giving you the ability to Play, Pause and Rewind your data and to view attacks from different perspectives. You don’t need to spend large amounts of capital, and you don’t need to spend months on complex deployments and integration. Packetloop is instantly accessible, bringing Big Data Security Analytics to everyone.
Voltage Security delivers the data protection strategy organizations need to deploy Big Data for competitive advantage, and only Voltage delivers these key capabilities. Secure sensitive data entering Hadoop, then control access. Protect data from any source, of any format, before it enters Hadoop. Set policies enabling which applications and which users get access to which original data, with protection of sensitive data that maintains usable, realistic values for accurate analytics and modeling on data in its encrypted form. Assure global regulatory compliance. Securely capture, analyze and store data from global sources, and ensure compliance with international data security, residency and privacy regulations. Address compliance comprehensively, not system-by-system. Optimize performance and scalability. Integrate data security fast, with quick implementation and an efficient, low-maintenance solution that won’t degrade performance and will scale up. Leverage IT investments by integrating with the existing IT environment and extending current controls and processes into Hadoop.
Vormetric Encryption seamlessly protects Big Data environments at the file system and volume level. The solution allows organizations to gain the benefits of the intelligence gleaned from Big Data analytics while maintaining the security of their data – with no changes to operation of the application or to system operation or administration.
Check Out These Articles for Tips on Using Big Data in Security: