Comments on: Big Data Security Intelligence – nothing to see here – move along http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/ Big data analytics and visualization Sun, 07 Apr 2013 08:03:37 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Raffael Marty http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/comment-page-1/#comment-51568 Raffael Marty Fri, 11 Jan 2013 17:01:54 +0000 http://raffy.ch/blog/?p=581#comment-51568 AbleeTu ... What I was reacting to was that everyone is looking at big data, but what big data is today is an infrastructure layer. Only a handful of companies are working ont he analytical layer of big data. That's what we really need. I didn't say SIEM was already gone. I strongly believe though that there will be a new wave of SIEMs or whatever they will be called. I am obviously very bullish on visual analytics (see <a href="http://pixlcloud.com" rel="nofollow">pixlcloud</a>). I have seen too many customers that are struggling with dealing with all their data in the SIEM. They have no idea what they are collecting, what the data tells them, and what to do with it. In order to process that amount of data, we need new data stores. RDBMs is not cutting it anymore (I am happy to have a long discussion with you on this). Think OLAP 2.0. We need better ways for analysts to interact with the data. Not sure I am expressing myself that well... AbleeTu … What I was reacting to was that everyone is looking at big data, but what big data is today is an infrastructure layer. Only a handful of companies are working ont he analytical layer of big data. That’s what we really need.
I didn’t say SIEM was already gone. I strongly believe though that there will be a new wave of SIEMs or whatever they will be called. I am obviously very bullish on visual analytics (see pixlcloud). I have seen too many customers that are struggling with dealing with all their data in the SIEM. They have no idea what they are collecting, what the data tells them, and what to do with it. In order to process that amount of data, we need new data stores. RDBMs is not cutting it anymore (I am happy to have a long discussion with you on this). Think OLAP 2.0. We need better ways for analysts to interact with the data. Not sure I am expressing myself that well…

]]> By: AlbeeTu http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/comment-page-1/#comment-51488 AlbeeTu Wed, 09 Jan 2013 20:54:03 +0000 http://raffy.ch/blog/?p=581#comment-51488 > SIEM being replaced or superseded by big data infrastructure. That’s completely and utterly stupid. I didn't quite understand this claim. From what I'm assuming, SIEM still has lots to offer that this new product can not do. I've seen customers do this and it is foolish. Regardless, I'd like to hear what you have seen. > SIEM being replaced or superseded by big data infrastructure. That’s completely and utterly stupid.

I didn’t quite understand this claim. From what I’m assuming, SIEM still has lots to offer that this new product can not do. I’ve seen customers do this and it is foolish. Regardless, I’d like to hear what you have seen.

]]> By: VMercer http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/comment-page-1/#comment-49163 VMercer Thu, 22 Nov 2012 17:13:52 +0000 http://raffy.ch/blog/?p=581#comment-49163 Security Management is a 2 layered cake: 1st Layer : IDP/IPS/UTMs... real time/attack protection 2nd Layer : SIEM, Post real time - event/threat analysis, data forensics and law compliance. Now the legacy RDBMS/SIEMs can't cope in this Big Data world, so next generation "SIEMs" like Secnology will be needed. A 3rd layer Big Data "Hadoop" "Magic" analysis tool sounds sexy but when & at what price. Considering the SIEM still hasn't made the middle market yet, it'll still take a Data/Security expert to harness the analytics & make the calls. Security Management is a 2 layered cake:
1st Layer : IDP/IPS/UTMs… real time/attack protection
2nd Layer : SIEM, Post real time – event/threat analysis, data forensics and law compliance.
Now the legacy RDBMS/SIEMs can’t cope in this Big Data world, so next generation “SIEMs” like Secnology will be needed.
A 3rd layer Big Data “Hadoop” “Magic” analysis tool sounds sexy but when & at what price. Considering the SIEM still hasn’t made the middle market yet, it’ll still take a Data/Security expert to harness the analytics & make the calls.

]]> By: Big Data Infosec – Bigsnarf Open Source Solution « BigSnarf blog http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/comment-page-1/#comment-42142 Big Data Infosec – Bigsnarf Open Source Solution « BigSnarf blog Fri, 23 Mar 2012 20:46:42 +0000 http://raffy.ch/blog/?p=581#comment-42142 [...] of Big Data Infosec at Blackhat EU 2012 (Link:PDF). Raffael followed up recently with his post (Link:Website). Moar visual analytics! Ed in this post suggested that Infosec stop using “stoplight [...] [...] of Big Data Infosec at Blackhat EU 2012 (Link:PDF). Raffael followed up recently with his post (Link:Website). Moar visual analytics! Ed in this post suggested that Infosec stop using “stoplight [...]

]]> By: Big Data Information Security Maturity Scale – Where are you on this scale? « facebookjustice http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/comment-page-1/#comment-41848 Big Data Information Security Maturity Scale – Where are you on this scale? « facebookjustice Sat, 17 Mar 2012 19:35:52 +0000 http://raffy.ch/blog/?p=581#comment-41848 [...] as “I think we’re in a precarious spot”. Raffael follow up recently with his post (http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/) that speaks to me loud. Moar [...] [...] as “I think we’re in a precarious spot”. Raffael follow up recently with his post (http://raffy.ch/blog/2012/03/16/big-data-security-intelligence-nothing-to-see-here-move-along/) that speaks to me loud. Moar [...]

]]>