"Success today is too often defined as the absence of failure by the information security industry, instead of the demonstration of effectiveness. We do a lot of things in our profession that are hard to observe and hard to quantify. But any time you can measure the success or failure in a provable way, you can produce a much better outcome," Mark Clancy, CISO, Managing Director, Technology Risk Management, DTCC said.
Integrated Security Intelligence and Big Data Analytics for Advanced Use Cases
Security use cases such as advanced persistent threat detection, fraud detection and insider threat analysis require a new class of solutions that can analyze more data, with more flexibility, and deliver more accurate results.
Made in IBM Labs, IBM Security Intelligence with Big Data unites the real-time security correlation and anomaly detection capabilities of the IBM QRadar Security Intelligence Platform with the custom analysis and exploration of vast business data provided by IBM InfoSphere BigInsights. The result is an integrated solution that combines intelligent monitoring and alerting with a workbench for threat and risk analysts to analyze and explore security and enterprise data in ways previously not possible.
Key capabilities include:
- Real-time correlation and anomaly detection of diverse security and network data
- High-speed querying of security intelligence data
- Flexible big data analytics across structured and unstructured data – including security, email, social media, business process, transactional, device, and other data
- Graphical front-end tool for visualizing and exploring big data
- Forensics for deep visibility into network activity