It Takes a Village: The Splunk User Conference 2013

When IBM distributed its operating system in the 1950s, it actually sent the source code to its customer base. Many IT shops then modified the operating system with their own customized code.

Topics: IBM Apple Information and Risk Management Security and Privacy Security big data security analytics SIEM security intelligence log management F5 Security Management Splunk

Big Data Security Is Inevitable

There's been a fair amount of discussion about the fact that security analytics is becoming a big data problem. I participated on a big data security panel at RSA and I believe there were a few others on this topic as well.

Topics: IBM Big Data Data Management & Analytics Hadoop Information and Risk Management HP Dell McAfee Enterprise Software Security and Privacy risk management NoSQL SIEM Data Analytics Symantec RSA log management Cassandra security analytics BT Verizon Unisys vulnerability management threat management Tibco

The Information Security 80/20 Rule

Over the past few months, I've been engaged in a research project on enterprise security management and operations. As part of some quantitative research, ESG created a segmentation model that divided survey respondent organizations into three sub-segments. The segmentation model broke down as follows:

Topics: Information and Risk Management Security and Privacy risk management SIEM incident detection incident response log management Security Management security analytics APT security operations

Tibco and LogLogic: An Interesting and Revealing Acquisition

Over the past few years, a number of independent Security Information and Event Management (SIEM) vendors were acquired by bigger players. In late 2010, HP scooped up market leader ArcSight for $1.5 billion. Last year, McAfee purchased NitroSecurity while IBM acquired Q1 Labs.

Topics: IBM Cloud Computing Information and Risk Management HP McAfee Enterprise Software Security and Privacy SIEM ArcSight RSA Security log management Big Data Analytics Tibco LogLogic Q1 Labs

We Need Security Standards like Mitre's Common Event Expression (CEE)

Over the past few years, I've been involved with a number of ESG Research projects all pointing to a few common problems. Even in the most sophisticated shops, security teams struggle to collect the avalanche of security data generated from different log files and tools, analyze this data in a proactive manner, or find the proverbial needle in the haystack indicating anomalous behavior.

Topics: Microsoft Cisco Information and Risk Management HP McAfee Security and Privacy SIEM Mitre ArcSight log management NIST Verizon Linux

The Intersection of Security Intelligence and Big Data Analytics

It's official: the security industry has jumped on the "big data" bandwagon with both feet. How do I know? Well, I'm participating in a panel discussion on this topic at RSA and I believe there are two other sessions on the topic. I guess anyone headed to San Francisco later this month should be prepared to get a big dose of big data.

Topics: IBM Data Management & Analytics Hadoop Information and Risk Management HP McAfee Security and Privacy SIEM LogRhythm ArcSight security intelligence NetFlow log management Splunk Big Data Analytics Q1 Labs RedLambda

2012 Should Be The Year Of Security Incident Response

According to ESG Research, 20% of large organizations are certain that they've been the target of an APT attack, while another 39% say that it is likely they have been targeted. Can organizations detect and react to sophisticated attacks like APTs?

Topics: Information and Risk Management Security and Privacy SIEM incident response log management APT advanced persistent threat