"Big data" is a phrase still greeted with skepticism in the world of security. "The term is sort of nebulous to security people," says Jon Oltsik, senior principal analyst with Enterprise Strategy Group. "They've already been collecting tons and tons of data."

But there is no shortage of vendors building a case for big data around network forensics and risk management. Here at the RSA Conference, a number of companies -- from IBM to Agiliance to EMC's RSA security division itself -- have made announcements about leveraging big data to improve security.

"There [are] so many events happening at the network layer, so the ability to do stream processing across those events and detect anomalous, malicious behavior is important," Oltsik says.

In partnership with Pivotal, EMC's RSA security division released the "Big Data for Security Analytics" reference architecture (PDF), with the goal of speeding the detection and response time for enterprises dealing with attacks.

"The architecture uses a much more open and flexible Hadoop-based architecture that has an entire ecosystem of tools built around it, rather than proprietary tools that can’t take advantage of these innovations," explained Paul Stamp, director of product marketing at RSA, in a blog post. "Through this reference architecture, security teams can get a complete set of analytic tools, specifically designed for enterprise security and threat detection, not just a generic platform that leaves much of the creation of tools to support the security team to the end customer."

... Read full story on Dark Reading


Post a comment to the original version of this story on Dark Reading