Big data analysis drives a new security ecosystem

Source: Internet
Author: User

According to IDC forecasts, the world's data storage volume was 180,000 PB in 2006, has now reached 1.8 million PB, and will reach 8 million PB in 2015. The firm's analysis also shows that by 2015 the output of big data will reach 16.9 billion U.S. dollars.

The era of big data is arriving quietly. Data analysis has long been part of the IT industry, and data warehousing, data mining and business intelligence have continuously provided value for enterprise development and innovation. But as data volumes grow, and as technology patterns and standards change across the data ecosystem, big data is developing into a business opportunity with broad prospects, creating greater market and profit space.

Today we call it big data, but from the perspective of how an enterprise uses its data, it could equally be called data analysis, business analytics or data mining. Whatever it is called now or in the future, we need to be clear about the data lifecycle ecosystem. IBM architect Stephen Watt presents the entire process of data generation, processing and value presentation in "Deriving new business insights with Big Data". This lifecycle consists of a number of stages: data generation, data storage, data processing, sharing, retrieval, analysis, visualization and so on. The business needs of these different stages are creating new technology models and methods that make new business models possible.

Amazon is a pioneer in data storage, and its S3 cloud service has become the industry standard for cloud storage. Whether judged by user adoption, business model, convenience or the scale of its service offerings, Amazon is the classic example in this area. There are also new technologies and patterns around NoSQL: 10gen's MongoDB, DataStax's Cassandra with a Hadoop architecture, the NoSQL database technology provider Couchbase, and so on.

In data processing, Hadoop is undoubtedly the preferred choice. This distributed processing architecture for big data, derived from Google MapReduce, is the protagonist of the big data ecosystem, and many business and product innovations are built around it. Examples include Hortonworks, which was spun off from Yahoo; Cloudera, which has Hadoop founder Doug Cutting; and MapR, which raises Hadoop's speed.

There are also many innovative companies in data sharing, retrieval, analysis and visualization. We see business models emerging around the big data ecosystem. At the same time, this ecosystem has sparked wide discussion in the security field, where practitioners have begun to ask whether a company's own security-related data and the enterprise's information data warehouse can strike sparks off each other.

So the 2012 RSA Conference set off a heated discussion about whether big data analysis can bring a security breakthrough. Some analysts believe that big data will spawn new markets for security algorithms and open new possibilities for security analysis, and that SIEM security tools must keep up with this trend. Others remain cautious, arguing for instance that statistical analysis of data does not understand security at all, that the discussion has only just begun, that there are many problems and obstacles, and that it is just a marketing stunt.

Such discussions are valuable. Should one "stand and envy, or step back and weave a net"? The security industry's answer is the latter. This trend attracts many innovative security companies and also touches the nerves of the established security firms.

At the RSA 2012 Conference, RSA president Tom Heiser told ZDNet: "Security spending will continue to increase as companies face advanced persistent threats. At the same time, the security technology market will also change, shifting from traditional security technologies and solutions based on anti-virus, firewalls and IPS toward big data analysis and monitoring technologies." As one of the views discussed above holds, big data is providing new possibilities for security analysis, which means that security information and event management (SIEM) tools must change.

Such changes have already begun, for example in RSA's threat detection product NetWitness and HP's ArcSight SIM. There are also a number of innovative security companies that are finding a balance between security and big data analysis (BDA) through new security methods. They are optimistic about combining big data analysis with security and have already taken a step forward.

Let's take a look at each part of the big data ecosystem and at what innovators in the security world are doing with big data. The RSA 2012 conference featured many security companies driven by big data analysis. Some are changing on the technical side of big data analysis, while others build on its applications, such as SIEM, APT detection, 0-day vulnerability and malicious code analysis, network anomaly traffic detection, user behavior analysis, network forensics analysis and security information analysis.

NitroSecurity's architecture incorporates NoSQL: the company launched NitroEDB, a hybrid storage architecture that integrates relational and NoSQL databases. NitroSecurity was acquired by McAfee in October 2011. Its NitroView SIEM has been integrated with McAfee's ePO to improve the speed of risk and threat assessment.

The core of Zettaset is Hadoop, on which it offers the Security Data Warehouse (SDW). It mines security information from network firewalls, security devices, website traffic, business processes and other transactions, identifies and blocks security threats, and provides security practice services for SIEM. Zettaset's SDW product was available at the Black Hat conference in 2011.

Many security companies build SIEM on Hadoop and NoSQL architectures. Turning to the application level, the NetWitness product mentioned above is one example. On the day of the RSA 2012 conference, RSA launched the NetWitness Live platform to extend enterprises' actionable-intelligence advantage against APT threats. NetWitness was acquired by EMC in April 2011 and is integrated with RSA's enVision management platform.

Narus, a company that provides real-time, dynamic network analysis products, was acquired by Boeing in December 2011. Its NarusInsight enhances network managers' insight into the data transmitted across their networks, monitors malicious code and suspicious operations on the network, and issues warnings. Unlike Narus, Solera Networks provides hardware equipment for network traffic inspection, and it received 20 million dollars in Intel-led financing at the beginning of the year. Based on its DeepSee platform, it indexes and classifies all network traffic to provide real-time network security monitoring for the enterprise.

In user behavior analysis, Silver Tail BAE is a company mainly engaged in developing web fraud detection and prevention systems, with founders from PayPal and eBay.

Palantir is a network forensics analysis company with close to 200 million U.S. dollars in financing and a market value of 2.5 billion U.S. dollars. It mainly provides data analysis platforms for government and financial institutions. Its product originated from PayPal's anti-fraud measures, and the company has 8 years of development history.

Security has always looked for a point of alignment with cutting-edge technology trends, whether cloud computing or big data, and has played the role of the savior that frees those trends to advance. Now that security has met big data, a new security ecosystem appears to be unfolding clearly in front of us alongside the maturing big data ecosystem, and the power of capital and innovation is driving security forward.

(Responsible editor: The good of the Legacy)
