As more security vulnerabilities and data fraud incidents make international headlines, companies are taking steps to address the growing number of advanced persistent threats, data fraud incidents and insider attacks. Traditional security technologies lack the capability and predictive power required to detect these attacks and protect against them. At best, they address a single aspect of the problem. Sophisticated cyber criminals can circumvent these defenses and blend into the background of an enterprise's operations to attack. They are skilled and patient enough to snoop covertly inside an enterprise's network for months or years, until they finally seize the opportunity to steal sensitive information such as intellectual property, credit card numbers and customer data, to falsify data, or to destroy the enterprise's network outright.
Faced with such threats, security has no foolproof approach: different companies have different security requirements, and the same method is not effective for every company or for every part of a company. Small and medium-sized enterprises understand this well. They do not have the budget that large enterprises have, so as they continue to grow they need customized security solutions. Such a solution must be flexible and affordable. In the future, big data can help create more personalized security solutions. After all, small and medium-sized enterprises have long used analytics to stay competitive. They understand that the proliferation of structured and unstructured data can help managers make the smartest decisions. Such decisions save time and money and boost productivity and economic growth. Applied to the security field, the same approach makes solutions more specific and targeted. Midsize companies will benefit from that as well.
McAfee reports that companies store 11-15TB of security data every week, and Gartner predicts that this number will multiply every year until 2016. To put that in perspective, 10TB is equivalent to the printed collection of the Library of Congress. Despite storing such large volumes of data, 58% of businesses admit to keeping the data for less than three months, forgoing the advantages of retaining it. Retaining security data over the long term and analyzing the situation, trends and correlations it reveals is essential for businesses to find and immediately address advanced persistent threats.
To gain timely threat intelligence in an era when large, fast-moving and widely varied information floods into isolated systems, businesses must analyze, store and manage this big security data. The growing number of events, along with data on assets, threats, users and related information, poses a major challenge for security teams. Because of the need to identify complex attacks, enterprises should break out of their established mode and implement true risk-based analysis and modeling. The ideal approach is to use a data management system that returns the data needed to build complex, timely analyses. In addition to detecting threats in a timely manner, companies should be able to identify potentially malicious long-term trends and patterns. Of course, digging valuable information out of huge volumes of data is like finding a needle in a haystack; companies must look across a longer time span and find the right needle in a risk-based context. Only then can they respond effectively to today's threats.
IBM's big data security intelligence system provides specialized threat and risk detection. It combines the real-time security visibility of the IBM QRadar Security Intelligence Platform with the custom analytics of IBM's big data platform.
QRadar performs real-time correlation, anomaly detection and reporting for immediate threat detection, while also sending enriched security data to IBM big data products such as IBM InfoSphere BigInsights. IBM's big data products analyze the enriched security information from QRadar together with unstructured and semi-structured data sources, and accommodate a wide variety and large volume of data for advanced security and risk use cases. The information is then fed back to QRadar, closing the loop so that it can be used for reference. The result is an integrated, intelligent solution that gathers, monitors, detects, analyzes and reports on security and enterprise data in ways that were not previously possible. This design allows you to start with any product in the IBM solution and add the additional functionality you need.
Core capabilities include: Real-time correlation and anomaly detection of diverse security data. High-speed querying of security intelligence data. Big data analysis across all structured and unstructured data, including security data, e-mail, document and social media content, full packet capture data, business process data and other information. Graphical front-end tools for visualizing and exploring big data. of deep visibility.
Although big data itself may be a new technology, it still follows certain rules when viewed from a security standpoint. IBM provides intelligent, integrated and expert products and services through a complete IBM Security Management Framework, and has set up information security institutions worldwide, including: Security Incident Processing Center, Information Security Research Institute, Security Solutions Development Center and Information Advanced Research Institute.