EMC Silver Tail Acquisition Underscores Fact: Security Data is Often Big Data

November 15, 2012

EMC is acquiring privately held Silver Tail, whose security solution focuses on high-volume behavioral analysis of web sessions to detect fraud. The deal highlights the fact that, at scale, analysis of security data is a big data problem. Security logs grow enormously as the number of systems and activities being monitored continues to increase, as the location of systems becomes more variable and dynamic with the use of external cloud resources, and as the number of avenues for reaching systems expands to incorporate mobile platforms. As the stakes of compromise and breach rise thanks to expanding compliance regimes, the importance of understanding what logs can say is also increasing rapidly, and the tools and techniques of big data are being brought to bear. Analysis of security data is the primary driver of big-data activities for fewer than 11% of organizations with a big data initiative, although 3.8% do specifically cite compliance as their primary driver.

BTA Bottom Line:

Keep an eye not just on the daily volume of logs you generate but also on the rate of change, and decide whether you need to begin now to bring new tools to bear on the problem of extracting actionable intelligence from that data. Tools including Silver Tail, Splunk, Logg.ly, and more traditional SIEM systems like HP ArcSight may be part of your solution.