Making sense of threat intelligence data in your IT environment
Threat intelligence data has been growing at an exponential rate of 39% a month. Enterprise customers are looking at around 30,000 events going into their SIEM every second. Only a small percentage have infrastructure able to handle that amount of data.
In this podcast recorded at RSA Conference 2016, Mark Seward, VP Security Solutions at Anomali, talks about some of the problems that security personnel face in classifying and keeping order around their threat intelligence data, and why that’s now considered a Big Data problem.
Harmony Breach Analytics is a new scalable solution, available on premise or cloud-based, that tackles this Big Data problem. Rather than push tens of millions of IOCs into an overburdened SIEM, this threat intelligence platform reads your log data looking for potential IOCs and compares them with Anomali’s vast store of threat intelligence data. Matches are sent back to the SIEM to fit into current security workflows.
The Harmony Breach Analytics approach operationalizes threat intelligence for incident responders and security operations personnel, and prioritizes threat analyst investigation activities. Finally, the system scales to maintain a year-long library of log data IOCs for correlation with the latest threat intelligence data available.
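The flow described above (pull candidate IOCs out of log data, keep them for a year, compare them with intelligence that arrives later, forward only the matches) can be sketched as follows. This is an added example, not Anomali's code: the class and function names, the simplified regexes and the sample logs and intel are all constructed for illustration.

```python
import ipaddress
import re
from contextlib import suppress
from datetime import date, timedelta

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)

def extract_observables(line):
    """Return candidate IOCs in one log line: valid IPv4 addresses, lower-cased domains."""
    found = {d.lower() for d in DOMAIN.findall(line)}
    for ip in IPV4.findall(line):
        with suppress(ValueError):  # drops look-alikes such as 999.1.1.1
            found.add(str(ipaddress.ip_address(ip)))
    return found

class ObservableLibrary:
    """Observables seen in logs, with first/last sighting, kept for a retention window."""
    def __init__(self, retention_days=365):
        self.retention, self.seen = timedelta(days=retention_days), {}
    def ingest(self, day, source, line):
        for obs in extract_observables(line):
            rec = self.seen.setdefault(obs, {"first": day, "last": day, "sources": set()})
            rec["first"], rec["last"] = min(rec["first"], day), max(rec["last"], day)
            rec["sources"].add(source)
    def expire(self, today):
        cutoff = today - self.retention
        self.seen = {o: r for o, r in self.seen.items() if r["last"] >= cutoff}
    def match(self, intel):
        """Check stored observables against intel (indicator -> label); return SIEM alerts."""
        return [{"indicator": o, "label": intel[o], "first_seen": r["first"].isoformat(),
                 "last_seen": r["last"].isoformat(), "sources": sorted(r["sources"])}
                for o, r in sorted(self.seen.items()) if o in intel]

# Constructed sample data (documentation address ranges, .example names).
# The intel is assumed to arrive after the traffic was logged.
LOGS = [
    (date(2015, 1, 10), "fw01", "ALLOW src=10.0.0.5 dst=198.51.100.23 dport=443"),
    (date(2016, 1, 12), "fw01", "ALLOW src=10.0.0.5 dst=203.0.113.77 dport=443"),
    (date(2016, 2, 3), "proxy01", "GET http://update.badcdn.example/index client=10.0.0.9"),
    (date(2016, 2, 20), "fw01", "ALLOW src=10.0.0.7 dst=203.0.113.77 dport=443"),
]
INTEL = {"203.0.113.77": "c2", "update.badcdn.example": "malware-delivery",
         "198.51.100.23": "scanner"}

def demo():
    lib = ObservableLibrary()
    for day, source, line in LOGS:
        lib.ingest(day, source, line)
    lib.expire(today=date(2016, 3, 1))  # the 2015 sighting falls outside the year
    return lib.match(INTEL)
```

Because the lookup runs from the much smaller set of observed values into the intelligence set, the SIEM only ever receives the matches, and a sighting made weeks before an indicator was published still surfaces with its first-seen date.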