Expert recommends Hadoop for cybersecurity analytics platform

TTlogo 379x201 Expert recommends Hadoop for cybersecurity analytics platform

Hadoop may not be the first data platform you consider when you think about cybersecurity, but maybe it should be.

That was the argument made by Rocky DeStefano, Cloudera Inc.’s cybersecurity subject matter expert, at the company’s recent event in Boston. Hadoop actually has some advantages that make it a good fit for staging cybersecurity analytics, he explained.

The biggest advantage, DeStefano said, is it can ingest just about any data type. This is important in the realm of cybersecurity because there are several different data types that can be useful in cybersecurity predictive analytics, including server logs, web traffic data and network user data.

The second key factor is the depth of analytics tools that make up the Hadoop ecosystem. Whether analysts want to use R, Mahout, Pig or Hive, they have options. This is particularly attractive to data scientists, who are increasingly entering the realm of cybersecurity. DeStefano said the ability to support advanced analytics makes Hadoop an attractive option.

The fact that Hadoop is generally optimized for large-scale batch data processing operations, while cybersecurity is more of a real-time endeavor, may be one stumbling block. But DeStefano said the platform can be geared toward faster data execution. The core elements of Hadoop — the MapReduce data processes framework and the Hadoop Distributed File System — aren’t commonly used alone in cybersecurity, DeStefano said. Substituting MapReduce for the Spark data processing engine is one option to speed up analytics. There are also vendor products — DeStefano mentioned Securonix — built on top of Hadoop that are optimized for near-real-time cybersecurity analytics.

Enterprises face unprecedented cybersecurity challenges, with nearly every week bringing news of a new organization being hacked. DeStefano said using Hadoop for cybersecurity analytics helps organizations be more proactive about protecting assets, predicting which are likely to be the target of intruders and how to keep hackers out of the network.

“Defense is thinking about how to predict what will be attacked,” he said. “That puts you in a position of power.”

Let’s block ads! (Why?)

SearchBusinessAnalytics: BI, CPM and analytics news, tips and resources