Improving security by providing context to Big Data
At RSA Conference 2013 in San Francisco, HP announced new offerings that enable organizations to use unique contextual understanding to gain actionable security intelligence from Big Data to better detect and prevent threats.
Uniting comprehensive, real-time correlation with content analytics
HP has integrated the SIEM capabilities of HP ArcSight with the HP Autonomy IDOL content analytics engine. This combination automatically recognizes the context, concepts, sentiments and usage patterns related to how users interact with all forms of data.
The new solution broadens the reach of an organization’s security monitoring capabilities by bringing meaning to raw security data. By enabling the tracking and analysis of human sentiments associated with data, such as behavior patterns, organizations are better equipped to quickly identify threats that would have previously gone unnoticed.
While HP Autonomy helps organizations understand internal and external interactions with data, the new HP ArcSight Cloud Connector Framework allows organizations to easily collect application event and log data from cloud service providers. The HP ArcSight Cloud Connector Framework is based on industry-standard protocols, providing a single, real-time view into user activity and threat monitoring for on-premises and cloud applications.
Leveraging Hadoop Big Data for broader security analysis
The new HP ArcSight/Hadoop Integration Utility is a plug-in ready platform that seamlessly integrates HP ArcSight 6.0c with Apache Hadoop. Together, the technologies speed the process of digging through Big Data stores.
The solution links HP ArcSight’s reporting, search and correlation capabilities with Hadoop’s large, centralized storage repository, giving organizations the storage capacity needed to handle petabytes of information. Open-source machine-learning algorithms, statistical analysis, anomaly detection and predictive analytics can be applied to the stored data, providing greater insight and resolution into security events.
“Many organizations have not been able to access the critical information they need to combat potential threats,” said Art Gilliland, senior vice president and general manager, Enterprise Security Products, HP. “With the integration of cloud monitoring, content analytics and Big Data processing, HP provides clients with the context needed to effectively stop potential breaches.”