Fighting Cybercrime: A Joint Task Force of Real Time Data and Human Analytics by William Callaghan
Cybercrime is big business. Gartner reports worldwide security spending at $80B, with annual losses totalling more than $1.2T (in 2015). Small to medium sized businesses now account for more than half of the attacks targeting enterprises today. The threat actors behind these attacks are continually shifting their techniques and toolkits to evade the security defenses that businesses commonly use. Thanks to the growing frequency and complexity of attacks, the task of identifying and mitigating security-related events has become increasingly difficult.
At eSentire, we use a combination of data and human analytics to identify, respond to and mitigate cyber threats in real-time. We capture all network traffic on our customers’ networks, hence ingesting a large amount of time-series data. We process the data as it is being streamed into our system to extract relevant threat insights and block attacks in real-time. Furthermore, we enable our cybersecurity analysts to perform in-depth investigations to: i) confirm attacks and ii) identify threats that analytical models miss. Having security experts in the loop provides feedback to our analytics engine, thereby improving the overall threat detection effectiveness.
So how exactly can you build an analytics pipeline to handle a large amount of time-series/event-driven data? How do you build the tools that allow people to query this data with the expectation of mission-critical response times?
In this presentation, William Callaghan will focus on the challenges faced and lessons learned in building a human-in-the loop cyber threat analytics pipeline. They will discuss the topic of analytics in cybersecurity and highlight the use of technologies such as Spark Streaming/SQL, Cassandra, Kafka and Alluxio in creating an analytics architecture with missions-critical response times.
Видео Fighting Cybercrime: A Joint Task Force of Real Time Data and Human Analytics by William Callaghan канала Spark Summit
At eSentire, we use a combination of data and human analytics to identify, respond to and mitigate cyber threats in real-time. We capture all network traffic on our customers’ networks, hence ingesting a large amount of time-series data. We process the data as it is being streamed into our system to extract relevant threat insights and block attacks in real-time. Furthermore, we enable our cybersecurity analysts to perform in-depth investigations to: i) confirm attacks and ii) identify threats that analytical models miss. Having security experts in the loop provides feedback to our analytics engine, thereby improving the overall threat detection effectiveness.
So how exactly can you build an analytics pipeline to handle a large amount of time-series/event-driven data? How do you build the tools that allow people to query this data with the expectation of mission-critical response times?
In this presentation, William Callaghan will focus on the challenges faced and lessons learned in building a human-in-the loop cyber threat analytics pipeline. They will discuss the topic of analytics in cybersecurity and highlight the use of technologies such as Spark Streaming/SQL, Cassandra, Kafka and Alluxio in creating an analytics architecture with missions-critical response times.
Видео Fighting Cybercrime: A Joint Task Force of Real Time Data and Human Analytics by William Callaghan канала Spark Summit
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Glint: An Asynchronous Parameter Server for Spark (Rolf Jagerman)
IoT and the Autonomous Vehicle in the Clouds: Spark Summit East talk by Jay White Bear
Analysis Andromeda Galaxy Data Using Spark: Spark Summit East talk by Jose Nandez
The Fast Path to Building Operational Applications with Spark: talk by Nikita Shamgunov
New Directions for Spark in 2015- Matei Zaharia (Databricks)
Software Above the Level of a Single Device The Implications - Tim O'Reilly (O'Reilly Media)
Keynote - Arun Murthy (Hortonworks)
Scalable Deep Learning Platform On Spark In Baidu
Extending Word2Vec for Performance and Semi Supervised Learning - Michael Malak (Oracle)
5 Reasons Enterprise Adoption Of Spark Is Unstoppable
Spark Summit 2013 - Big Data Research in the AMPLab - Mike Franklin
Delivering Insights from 5PB of Product Logs at Pure Storage: Spark Summit East talk by Brian Gold
Pedal to the Metal: Accelerating Apache Spark with Innovations in Silicon Technology
Production Spark and Tachyon use Cases
Spark as a Platform to Support Multi-Tenancy and Many Kinds of Data Applications - Kelvin Chu (Uber)
Perspectives on Big Data & Analytics - Doug Wolfe (Central Intelligence Agency)
Spark'ing an Anti Money Laundering Revolution- Katie Levans; Koert Kuipers (Tresata)
Towards Modularizing Spark Machine Learning Jobs- Lance Co Ting Keh (Box)
Distributed Heterogeneous Mixture Learning On Spark
A More Scalable Way of Making Recommendations with MLlib - Xiangrui Meng (Databricks)
Fireside Chat -Justin Langseth (Zoomdata)