Analytics + Integration + Automation = Improved Security Response

By Todd Weller, VP, Corporate Development, Hexis Cyber Solutions

A recent article by Kenneth Corbin reviews the findings of a study from Meritalk, sponsored
by Splunk, and discusses how government security workers are struggling with Big Data and
how better analytics could improve their security posture.

The article also indicates tight security budgets
are a major challenge.

As far as the conclusions, I’m not surprised. The
Big Data security alert overload problem is a
challenge for both government and commercial
organizations, and with trends like mobile and
Internet of Things, this will only worsen.


Budget pressures are also endemic to all
organizations, though they are worse for some than for others.

Improved Security Analytics One Piece of the Puzzle

Improved security analytics are clearly needed. Hexis, along with other vendors like FireEye,
Palo Alto, and Splunk, is working to address this.

For example, with our recent launch of HawkEye G 3.0 we unveiled our ThreatSync™
capability, which fuses together our signature-less endpoint detection and network detection
with 3rd-party indicators from FireEye and Palo Alto Networks. These indicators are combined
into a unified scoring model.

We believe that corroboration and analytics will result in reduced alert overload and improve the
signal-to-noise ratio. Not coincidentally, we are also integrating with Splunk to improve threat
intelligence.

Analytics Should Be Complemented By Automated Threat Removal Capabilities

While improved security analytics are critical to improving security posture, they are just one key
component.

In fact, Adam Cohn, director of public policy and government affairs at Splunk, commented that
the big data analytics “approach is only one element of the ‘multi-faceted’ framework that
government agencies should adopt when evaluating their security posture.”

Again, while this article and comment apply to government agencies, I believe they apply to the
commercial sector as well.

18 Cyber Warnings E-Magazine – June 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
