By: Andrew | September 06, 2016


Jake Mosher
August 31, 2016

The threat landscape gets more difficult to navigate every day. Organizations of all sizes are struggling to stay ahead of the latest threats and to keep up with all of the security data they are taking in. There is not enough time in the day, and there are not enough resources available, to effectively process and analyze all of this data. Midsized enterprises in particular, which often have limited security resources, are especially feeling this pinch. These companies would benefit from a platform to help cut through the noise and identify the most important threats facing their networks right now. Security Analytics, which combines traditional security analytics products with SIEM platforms, is emerging as a new market. Some industry analysts are viewing Security Analytics as SIEM 2.0. In this blog post, I will provide clarity around what this emerging market is, and the value of these platforms to you and your organization.

What is a Security Analytics platform and is it right for you?

Security analytics has come to the forefront largely in the last couple of years. But if you ask ten people what it is, you are likely to get ten different answers. Forrester defines security analytics as: “Solutions that use machine learning and big data infrastructure to converge logging, correlating, and reporting feeds from security information management (SIM), security solutions, network flow data, external threat intelligence, and diverse endpoints and applications with an aggregate, single pane of glass to detect threats and malicious activity.”

Here at AlienVault we try to simplify it a bit. A security analytics solution is simply a scalable platform to collect, correlate and analyze security event data from across your network, utilizing threat intelligence to provide the visibility needed to accelerate threat detection and response.

If you cut through all the noise, the crux of the issue is this: does the solution enhance your ability to detect threats and prioritize response? Without that, you’re simply using up your IT budget on a solution with an interesting name.

The “big data” component of security analytics is an interesting one to consider as well. Big data has become a loaded term in the technology industry, but we think it is apt to use it when describing the underpinnings of a security analytics platform. An effective security analytics solution needs to leverage a big data platform as there is simply too much data to wade through. Organizations need a platform to capture all of this data, parse it, and effectively correlate it. And the solution needs to have some “smart” algorithms applied to the data correlation, which is essentially what any practical definition of big data includes.

Regardless of which definition and which terms you prefer to use, in evaluating a security analytics platform you should focus on the capabilities. Following are a few critical things a security analytics or similar solution must do:

  • It must aid in threat analysis
  • It must utilize threat intelligence (either native to the platform or external)
  • It needs to leverage machine learning

So above all else, any security analytics solution must enhance your threat detection and response capabilities.

Let’s look at each of these items in a bit more detail.

Threat Analysis

First and foremost, security analytics solutions must aid in threat analysis. Threat analysis is a demanding, time-consuming exercise for security practitioners. It requires you to stay current with the latest threats, techniques, and vulnerabilities, and then apply this knowledge to the activity in your environment. To do so, you need a massive threat data collection process, advanced analytical capabilities to process the data, and time.

A security analytics platform delivers this threat analysis capability by analyzing and correlating your security data, ingesting threat intelligence, and then delivering prioritized threat detection and response guidance.

Threat Intelligence

As noted, a good security analytics platform must utilize threat intelligence. Threat intelligence is another loaded term, with numerous definitions depending on who you talk to. But we here at AlienVault define it as actionable information that every organization needs about the latest threats facing their network in order to detect and effectively respond to threats. Why is threat intelligence important? It is the essential output of an organization’s threat research and analysis process. It tells you what the threat is, where it’s originating from, which assets in your environment are at risk, and how to respond.

Threat Intelligence enables the security analytics platform to cut through the noise and focus your resources on the most important threats facing your network. Therefore, it is critical that any effective security analytics platform utilize threat intelligence.

Threat intelligence can be natively produced by your security platform, or it can be ingested from a third-party service. Either way, it is a critical component of the threat detection and response process.

Machine learning

A good security analytics platform will also leverage machine learning. What is machine learning when applied to cyber security? Essentially, we’re talking about applying an analytics engine or an analytics process to incoming data when evaluating threat indicators to identify anomalies and to uncover new and/or critical threats. This analytics engine needs to be able to leverage past information to identify new threats. There is simply too much data and too many possible connections to make for the typical security team to handle it on their own.

As such, it follows that machine learning is a critical component of a security analytics tool. One caveat is that this machine learning capability needs to allow for human input to apply the proper context and nuance to the information surfaced during the threat evaluation and discovery process.

Conclusion

Organizations of all sizes, but especially midsized enterprises, are swimming in security data, and simply don’t have the resources and time to effectively navigate the threat landscape on their own. As shown above, security analytics solutions can deliver critical functionality to assist the mid-market company with threat detection, prioritization, and response guidance. Remember to look for a security analytics platform that unifies all the necessary security capabilities including threat analysis, threat intelligence and machine learning.

AlienVault delivers all of these capabilities in a single platform at an affordable price point. Our solution is called Unified Security Management (USM).

USM includes:

  • Threat analysis, delivered by the AlienVault Labs research team, in the form of detection capabilities and response guidance
  • Threat intelligence, generated using machine learning and delivered to the USM platform
  • A Big Data platform in the form of the Open Threat Exchange (OTX) database, maintained by the AlienVault Labs team
  • Five essential security tools, including Asset Discovery, Vulnerability Assessment, Intrusion Detection (both NIDS and HIDS), Behavioral Monitoring, and Security Information and Event Management (SIEM)
  • Prioritized threat detection and response guidance
  • Reasonable pricing for companies with limited IT resources

All of the above comes integrated in one platform, out of the box.


Posted on: https://www.alienvault.com/blogs/security-essentials/new-threat-detection-platforms-for-the-midsized-enterprise
