At a recent event organized by Hortonworks, SynerScope and Inter Visual Systems, we discussed using data technologies to solve cybercrime at scale and in real time.
Solving Cybercrime at Scale and in Realtime
Information security is a big problem today. With more attacks happening all the time, and increasingly sophisticated attacks beyond the script-kiddies of yesterday, patrolling the borders of our networks and controlling threats from both outside and within is becoming harder. We cannot rely on endpoint protection for a few thousand PCs and servers anymore; as connected cars, the internet of things, and mobile devices become more common, the attack surface broadens. To face these problems, we need technologies that go beyond the traditional SIEM, with human operators writing rules. We need to use the power of the Hadoop ecosystem to find new patterns, machine learning to uncover subtle signals, and big data tools to help human analysts work better and faster to meet these new threats. Apache Metron is a platform on top of Hadoop that meets these needs. Here we will look at the platform in action, how to use it to trace a real-world complex threat, and how it compares to traditional approaches. Come and see how to make your SOC more effective with automated evidence gathering, Hadoop-powered integration, and real-time detection.
Simon Elliston Ball, Director Product Management, Cyber Security, Hortonworks
Advantage of Central Security Data Lake:
Cyber Security teams are keen not only on finding threats, but also on understanding them. By moving all relevant data out of the siloed individual systems and into a central security data lake, SynerScope greatly enhances the productivity of the Security Operation Center. The SOC is provided with operationally relevant information on as-it-happens events, and is given the ability to hunt and discover unknown risks within its enterprise. SynerScope Ixiwa is used to orchestrate and correlate the data, and SynerScope Iximeer is used for human-in-the-loop viewing, understanding and collaboration. This combination greatly speeds up attaching new sources, reducing time to resolution and enhancing the way findings are shared within the SOC.
Jorik Blaas, CTO, SynerScope
Secure data transmission in control room environments
Data is a major asset of any organization. Not only for commercial companies, but also for government institutions and other types of organizations, the vast amount of images, video, and data needs to be distributed throughout the organization in a fast and easy way. Control rooms are typically the central intelligence hubs of all information. However, the actual needs of the control room are not limited to the personnel within this room. It is the nerve center for communicating and collaborating with everybody involved. Stakeholders, wherever they are located, expect complete and swift communication about any possible issue and real-time status overviews. The vision of Inter Visual Systems is to offer a solution that distributes data throughout the complete organization to the right location in a fast, easy and secure way. It is even possible to share information between different secured private networks.