Splunk Big Data Tool to Boost Symantec Enterprise Security

McAfee said in a recent report that enterprises expect to see an increase in attacks aimed at shared resources in any IaaS, PaaS, or SaaS (Infrastructure, Platform, or Software as a Service) cloud environment. Cybercriminals will target cloud-based applications and data repositories, such as the ubiquitous hypervisors found in all data centers, the multitenant communications infrastructure implicit in cloud services, and the management infrastructure used to provision and monitor large-scale cloud services. Denial-of-service (DoS) attacks will also increase, causing service outages and financial loss to cloud providers.

The future of enterprise security is the analysis of all available data, not just the small subset that conventional approaches treat as security-related. Statistical analysis increases the value of that data because it helps uncover valuable insights that would otherwise, in most cases, go unrecognized in the mass of raw information.

Statistical analysis is the new security weapon against threats that bypass traditional security detection systems. Companies now understand that abnormal activity patterns hidden in terabytes of machine data generated by users indicate the presence of malware or malicious behavior. The Splunk App for Enterprise Security allows a statistical analysis of HTTP traffic to help security professionals determine a baseline of what is normal, quickly detect outliers, and use those events as starting points for security research and analysis.

Symantec has now selected Splunk Enterprise 6 to help bolster its security intelligence operations. As part of this partnership, Symantec will centralize, monitor and analyze security-related data in Splunk Enterprise to help investigate incidents and detect advanced threats. The security company will also use Splunk software to ensure comprehensive compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS).

Symantec says it is critical that security firms react quickly to identify and respond to any type of threat, especially advanced threats that continue to increase in complexity. The Splunk App for Enterprise Security is breaking new ground in the analysis of security data by applying statistical techniques to the data that are often beyond the scope of existing tools.

The big data security application automates the process of observing data anomalies. By monitoring the proxy data of individual users in the Splunk App for Enterprise Security, a security officer can analyze usage peaks both as an overall trend and at the user level. In addition, the app can monitor user agent anomalies in real time, and security staff can be alerted if questionable threats occur. The new dashboards in the Splunk App for Enterprise Security help security professionals make this data more actionable.
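The baseline-and-outlier idea described above (per-user usage peaks and rare user agents in proxy data) can be sketched as follows. This is an added example, not Splunk's implementation or code from the article; the record layout, the sample events, the modified z-score method and both thresholds are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

BROWSER = "Mozilla/5.0 (Windows NT 6.1) Chrome/31.0"  # constructed sample value

def sample_events():
    """Constructed proxy records (hour, user, user_agent); not real log data."""
    events = []
    for hour in range(24):
        for user, n in (("alice", 40), ("bob", 35), ("carol", 42)):
            events += [(hour, user, BROWSER)] * n
    events += [(3, "bob", BROWSER)] * 400             # injected usage peak
    events += [(10, "carol", "xyz-updater/0.1")] * 2  # injected rare agent
    return events

def volume_outliers(events, threshold=3.5):
    """Flag (user, hour, count) buckets far above that user's own baseline.

    Uses the modified z-score 0.6745 * (x - median) / MAD, which a single
    large peak cannot distort the way it distorts a mean and stdev.
    """
    per_user = defaultdict(Counter)
    for hour, user, _ in events:
        per_user[user][hour] += 1
    flagged = []
    for user, hourly in per_user.items():
        med = median(hourly.values())
        # A perfectly flat baseline gives MAD 0; fall back to 1 request.
        mad = median(abs(n - med) for n in hourly.values()) or 1.0
        for hour, n in sorted(hourly.items()):
            if 0.6745 * (n - med) / mad > threshold:
                flagged.append((user, hour, n))
    return flagged

def rare_user_agents(events, max_share=0.001):
    """Map each user agent below max_share of all requests to its users."""
    totals = Counter(ua for _, _, ua in events)
    users = defaultdict(set)
    for _, user, ua in events:
        users[ua].add(user)
    return {ua: sorted(users[ua]) for ua, c in totals.items()
            if c / len(events) < max_share}

if __name__ == "__main__":
    evts = sample_events()
    print(volume_outliers(evts))
    print(rare_user_agents(evts))
```

Both results are starting points for investigation rather than verdicts: carol's small two-request bump stays under the volume threshold, yet the same requests surface through the user agent check.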

Last month, Gartner said big data analytics will play a crucial role in detecting crime and security infractions. By 2016, more than 25 percent of global firms will adopt big data analytics for at least one security and fraud detection use case, up from the current eight percent. Big data security tools will have an impact that will change most of the product categories in the field of computer security, including solutions, network monitoring, authentication and authorization of users, identity management, fraud detection, and systems of governance, risk and compliance.
