Advanced attacks, widespread fraud and the pervasive use of social media, mobile and cloud computing are drastically altering the security landscape. As organizations increasingly need to manage Big Data, the way that corporate data needs to be protected is rapidly changing.
To aid in the detection of stealthy threats that can hide in the increasing mounds of data, IBM announced IBM Security Intelligence with Big Data, combining leading security intelligence with big data analytics capabilities for both external cyber security threats and internal risk detection and prevention.
This new solution combines real-time correlation for continuous insight, custom analytics across massive structured data (such as security device alerts, operating system logs, DNS transactions and network flows) and unstructured data (such as emails, social media content, full packet information and business transactions), and forensic capabilities for evidence gathering.
The combination helps organizations address the most vexing security challenges, including advanced persistent threats, fraud and insider threats.
Key capabilities include:
- Real-time correlation and anomaly detection of diverse security and network data
- High-speed querying of security intelligence data
- Flexible big data analytics across structured and unstructured data – including security, email, social media, business process, transactional, device, and other data
- Graphical front-end tool for visualizing and exploring big data
- Forensics for deep visibility into network activity
Included in IBM Security Intelligence with Big Data is an extensive set of pre-packaged security intelligence content, ranging from a comprehensive security data taxonomy and automated data normalization, to pre-defined rules and dashboards that codify industry best practices and accelerate time to value.
IBM plans to deliver InfoSphere BigInsights Application Accelerators for specific use cases, to further accelerate deployment and enhance benefits.