So much Big Data… and when does Security get its turn?
July 9, 2013
Juan Carlos Vázquez
Sales Systems Engineer, LTAM
"Personal data is the oil of the 21st century"
A mountain of data
In 2015… greater demand on data centers:
• >1,000 million more netizens¹ (1B)
• >15,000 million connected devices² (15B)
• >1 zettabyte of Internet traffic³ (1,000 exabytes)
1. IDC, "Server Workloads Forecast", 2009. 2. IDC, "The Internet Reaches Late Adolescence", Dec 2009, extrapolation by Intel for 2015; ECG, "Worldwide Device Estimates Year 2020 - Intel One Smart Network Work" forecast. 3. Source: http://www.cisco.com/assets/cdc_content_elements/networking_solutions/service_provider/visual_networking_ip_traffic_chart.html, extrapolated to 2015.
Source: IDC, 2011 Worldwide Enterprise Storage Systems 2011–2015 Forecast Update. (Chart: Worldwide Enterprise Storage Consumption Capacity Shipped by Model, 2006–2015, PB.)
2.7 ZB of data in 2012; 15,000 million connected devices in 2015.
Around 24 petabytes of data processed by Google* per day in 2011.
4,000 million pieces of content shared on Facebook* each day (July 2011).
250 million… tweets per day in October 2011.
5.5 million (legitimate) emails per second in 2011.
A data explosion
More data…
By 2020 the volume of information will be 35.2 zettabytes
In 2020 the volume of digital information will reach 35.2 zettabytes (1 ZB equals 1 trillion GB), up from 1.8 ZB in 2010. That exponential growth of data makes Big Data the driving force of the information age, according to estimates by Sogeti, a Capgemini Group company.
For its part, the consultancy Gartner states that companies able to hold more valuable information, and to process and manage it, will obtain financial results 20% better than their competitors.
One case
The New York Times used 100 Amazon EC2 instances and Hadoop to process 4 TB of TIFF image data and produce 11 million PDFs in 24 hours, at a cost of $240 USD.
http://en.wikipedia.org/wiki/Apache_Hadoop
Another case
Yahoo!'s Hadoop clusters comprise 40,000 servers and store 40 petabytes of data; the largest cluster has 4,000 servers.
http://www.aosabook.org/en/hdfs.html
Just one more case
In 2010 Facebook stated that it had the world's largest Hadoop cluster, at 21 PB. In 2011 it announced it had grown to 30 PB, and by mid-2012 it reached 100 PB. On November 8, 2012 they announced that their data warehouse grows by almost half a PB per day.
http://en.wikipedia.org/wiki/Apache_Hadoop
Big Data
A term applied to data sets that exceed the capacity of ordinary software to capture, manage and process them in a reasonable time. The sizes that count as "Big Data" are constantly growing; in 2012 they ranged from a dozen terabytes to several petabytes of data in a single data set.
The challenges include capture, processing, storage, sharing intelligence, analysis and visualization.
Benefits for healthcare, finance, telcos, energy, traffic, marketing, manufacturing, security… who will ask the right question?
The four Vs
• Volume. When the term big data is used, data volume typically ranges from multiple terabytes to petabytes. This certainly fits the enterprise security model, as it is not uncommon for large organizations to collect tens of terabytes of security data on a monthly basis.
• Velocity. This term is used with respect to real-time data analysis requirements. In cybersecurity, velocity can refer to the need for immediate anomaly or incident detection. Real-time data analysis is critical here to minimize the damage associated with a cybersecurity attack.
• Variety. Big data can be made up of multiple data types and feeds, including structured and unstructured data. From a security perspective, data variety could include log files, network flows, IP packet captures, external threat/vulnerability intelligence, click streams, network/physical access, social networking activity, etc. It is not unusual for enterprises to collect hundreds of different types of data feeds for security analysis.
• Veracity. Big data must be trustworthy and accurate. From a security perspective, this means trusting the confidentiality, integrity, and availability of data sources like log files and external data feeds.
The Big Security Data Challenge
From thousands of events to billions of events: consolidate logs, correlate events, across perimeter, APTs, cloud, data and insider threats.
The Security Dilemma
Monitoring techniques must advance: visibility vs. instrumentation.
Instrumentation and data collection are still critical, but applying filters derived from intelligence is the path to achieving better security.
Big Data vs. Big Security Data
Datasets whose size and variety are beyond the ability of typical database software to capture, store, manage and analyze.
Understanding Security Data As Big Data
BIG DATA
• How do I gather security context?
• How do I manage big security information?
• How do I make security information management work?
BIG SECURITY DATA
• Size of security data doubling annually
• Advanced threats demand collecting more data
• Legacy data management approaches failing
• SIEM use shifting from compliance to security
Security Big Data is about matching security intelligence with the right collected data.
Gartner says…
• The amount of data analyzed by enterprise information security organizations will double every year through 2016.
• By 2016, 40% of enterprises will actively analyze at least 10 terabytes of data for information security intelligence, up from less than 3% in 2011.
• By 2016, 40% of Type A enterprises will create and staff a security analytics role, up from less than 1% in 2011.
Goal…
One of the primary drivers of security analytics will be the need to identify when an advanced targeted attack has bypassed traditional preventative security controls and has penetrated the organization.
Needle in a Datastack
• Organizations are storing approximately 11-15 terabytes of security data a week.
• The ability to detect data breaches within minutes is critical in preventing data loss, yet only 35 percent of firms stated that they have the ability to do this.
• In fact, more than a fifth (22 percent) said they would need a day to identify a breach, and five percent said this process would take up to a week. On average, organizations reported that it takes 10 hours for a security breach to be recognized.
• Nearly three quarters (73 percent) of respondents claimed they can assess their security status in real time, and they also responded with confidence in their ability to identify in real time insider threats (74 percent), perimeter threats (78 percent), zero-day malware (72 percent) and compliance controls (80 percent). However, of the 58 percent of organizations that said they had suffered a security breach in the last year, just a quarter (24 percent) had recognized it within minutes. In addition, when it came to actually finding the source of the breach, only 14 percent could do so in minutes, while 33 percent said it took a day and 16 percent said a week.
The study, conducted by research firm Vanson Bourne, interviewed 500 senior IT decision makers in January 2013, including 200 in the USA and 100 each in the UK, Germany and Australia.
Useful data… from Verizon 2012
• "84% of security incidents (successful intrusions) were reflected in the logs"
• "Only 8% of the security incidents detected by companies were found by mining their logs"
Normalization
• Time: What else happened at this time? Near this time? What is the time zone?
• Service: What is this service? What other messages did it produce? What other systems does it run on?
• Host: What is the host's IP address? Other names? Location on the network/datacenter? Who is the admin? Is this system vulnerable to exploits?
• Code: What does this number mean? Is this documented somewhere?
• User: Who is this user? What is the user's access level? What is the user's real name, department, location? What other events from this user?
• Port: What is this port? Is this a normal port for this service? What else is this service being used for?
• IP: DNS name, Windows name, other names? Whois info? Organization owner? Where does the IP originate from (geolocation info)? What else happened on this host? Which other hosts did this IP communicate with?
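As an added example (not part of the deck), the normalization and enrichment step behind these questions, in Python: two raw log formats are mapped onto one schema with UTC timestamps and then joined against constructed asset, user and service-port tables to answer the time-zone, host, user and port questions. Hostnames, IPs and the lookup tables are constructed stand-ins for a CMDB, a directory and a service baseline, not data from any McAfee product.

```python
"""Added example (not part of the slide deck): normalize raw log lines of two
formats into one schema, then answer the enrichment questions from the slide
(time zone, host IP, service/port, user, related events) from constructed
lookup tables that stand in for a CMDB, a directory and a service baseline."""
import re
from datetime import datetime, timedelta, timezone

# Constructed sample logs: BSD-syslog firewall lines (no year, no zone) and a
# key=value logon event with an ISO-8601 timestamp carrying its own offset.
RAW_LOGS = [
    "Jul  9 10:14:30 fw-edge-01 kernel: DROP IN=eth0 SRC=10.20.30.40 DST=203.0.113.10 PROTO=TCP SPT=51233 DPT=4444",
    "Jul  9 10:15:02 fw-edge-01 kernel: ACCEPT IN=eth0 SRC=10.20.30.40 DST=203.0.113.10 PROTO=TCP SPT=51234 DPT=4444",
    "2013-07-09T10:16:45-04:00 host=ws-042 EventID=4624 user=jdoe logon_type=10 src=198.51.100.7",
]
# Constructed context: per-host record (the firewall logs in UTC, the workstation
# sits in UTC-4), a user directory, and the ports each service is normally seen on.
ASSETS = {
    "fw-edge-01": {"ip": "10.0.0.1", "zone": "perimeter", "admin": "netops", "utc_offset": 0},
    "ws-042": {"ip": "10.20.30.40", "zone": "user-lan", "admin": "desktop-team", "utc_offset": -4},
}
USERS = {"jdoe": {"real_name": "J. Doe", "dept": "finance", "access_level": "standard"}}
SERVICE_PORTS = {"ssh": {22}, "http": {80, 8080}, "https": {443}, "rdp": {3389}}

SYSLOG_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) \S+: "
    r"(?P<action>ACCEPT|DROP) .*\bSRC=(?P<src>\S+) DST=(?P<dst>\S+) .*\bDPT=(?P<dport>\d+)"
)
KV_RE = re.compile(r"(\w+)=(\S+)")


def normalize(line, year=2013):
    """Map one raw line onto the common schema with a UTC timestamp."""
    m = SYSLOG_RE.match(line)
    if m:
        host = m["host"]
        # BSD syslog carries neither year nor zone: take the zone from the asset record.
        tz = timezone(timedelta(hours=ASSETS.get(host, {}).get("utc_offset", 0)))
        local = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
        return {"ts": local.replace(tzinfo=tz).astimezone(timezone.utc), "host": host,
                "action": m["action"].lower(), "src_ip": m["src"], "dst_ip": m["dst"],
                "dst_port": int(m["dport"]), "user": None, "raw": line}
    # key=value event: the first token is an ISO-8601 timestamp with its own offset.
    ts_text, _, rest = line.partition(" ")
    kv = dict(KV_RE.findall(rest))
    return {"ts": datetime.fromisoformat(ts_text).astimezone(timezone.utc), "host": kv.get("host"),
            "action": "logon", "src_ip": kv.get("src"), "dst_ip": ASSETS.get(kv.get("host"), {}).get("ip"),
            "dst_port": None, "user": kv.get("user"), "raw": line}


def enrich(event):
    """Attach host, user and service context (the slide's who/what/where questions)."""
    asset = ASSETS.get(event["host"], {})
    ctx = dict(event, host_ip=asset.get("ip"), zone=asset.get("zone"), admin=asset.get("admin"),
               user_info=USERS.get(event["user"]) if event["user"] else None,
               service=None, port_is_normal=None)
    if event["dst_port"] is not None:
        ctx["service"] = next((s for s, ports in SERVICE_PORTS.items() if event["dst_port"] in ports), None)
        ctx["port_is_normal"] = ctx["service"] is not None  # unknown port -> flag for review
    return ctx


def minutes_apart(a, b):
    """Distance between two normalized events; only meaningful after zone normalization."""
    return abs((a["ts"] - b["ts"]).total_seconds()) / 60


def related_by_time(events, event, window_minutes=5):
    """What else happened at or near this time?"""
    return [e for e in events if e is not event and minutes_apart(e, event) <= window_minutes]


def related_by_ip(events, ip):
    """What else happened on this host, and which other hosts did this IP talk to?"""
    return [e for e in events if ip in (e["src_ip"], e["dst_ip"], e.get("host_ip"))]


def pipeline(lines=RAW_LOGS):
    return [enrich(normalize(line)) for line in lines]


if __name__ == "__main__":
    evs = pipeline()
    for e in evs:
        print(e["ts"].isoformat(), e["host"], e["action"], e["service"], e["port_is_normal"])
    # The raw text reads "10:15" and "10:16", but after zone normalization they are ~4 h apart.
    print("minutes between firewall ACCEPT and workstation logon:", round(minutes_apart(evs[1], evs[2])))
```

The two raw lines look a minute apart, but once the workstation's -04:00 offset is applied they are about four hours apart, so time-window correlation finds only the firewall DROP next to the ACCEPT, while the IP join still ties the logon on ws-042 to both firewall events.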
SIEM is Still Evolving… Beyond Logs
SEM + SIM = SIEM
SIEM is the evolution and integration of two distinct technologies:
• Security Event Management (SEM): primarily focused on collecting and aggregating security events
• Security Information Management (SIM): primarily focused on the enrichment, normalization and correlation of security events
Security Information & Event Management (SIEM) is a set of technologies for:
• Log data collection
• Correlation
• Aggregation
• Normalization
• Retention
• Analysis and workflow
Three Major Factors Driving the Majority of SIEM Implementations
1. Real-time threat visibility
2. Security operational efficiency
3. Compliance and/or log management requirements
The State of SIEM
Legacy SIEM reality:
• Antiquated architectures force choices between time-to-data and intelligence
• Events alone do not provide enough context to combat today's threats
• Complex usability and implementation have caused costs to skyrocket
vs.
SIEM promise:
• Turns security data into actionable information
• Provides an intelligent investigation platform
• Supports management and demonstration of compliance
Shifting from Compliance to Security
Source: InformationWeek 2012 Security Information and Event Management Vendor Evaluation Survey of 322 business technology professionals, April 2012
SIEM as a solution to detect cyber attacks
(Chart: medium risk vs. high risk.)
Global Threat Intelligence and SIEM
McAfee Labs: IP reputation updates
IP reputation check: GOOD / SUSPECT / BAD
Reputation categories: botnet/DDoS, mail/spam sending, web access, malware hosting, network probing, presence of malware, DNS hosting activity, intrusion attacks
Automatic identification; automatic risk analysis via advanced correlation engine
GTI with SIEM Delivers Even Greater Value
Sorting Through a Sea of Events…
• 200M events and logs: Have I been communicating with bad actors?
• 18,000 alerts: Which communication was not blocked?
• Dozens of endpoints: What specific servers/endpoints/devices were breached?
• Handful of users: Which user accounts were compromised?
• Specific files breached (if any): What occurred with those accounts?
• Optimized response: How should I respond? RESPOND
Event handling…
Prioritize security events
From the top down…
Fine, but who do I talk to?
Knowledge of my environment…
McAfee ESM
McAfee Starts at the Core: McAfee DB
• Real-time, complex analysis
• Indexing purpose-built for SIEM
• Massive context feeds with enrichment
• Historical retrieval and analytics
• Integrated log and event management
• No DBA required
SMART, FAST: scale, analytical flexibility, performance
Malicious websites…
Malware is here…
Spam and bots in decline…
Conclusions…
• Use your logs, and turn them on
• Log management first, before a SIEM
• There are no "silver bullets"
• Thinking beats technology
• Less is more
  • Windows Event Logs
  • Syslogs
  • DNS
  • App logs
  • Context awareness (geolocation, users, VMs, asset management, etc.)
• Use cases, use cases, use cases!
• Big Data architectures
  • High speed (I/O): hours to see a report, or minutes to get a view?
• Security feeds (reputation systems)
• Interconnected security
  • An IP with a bad reputation is automatically blocked by the IPS.
  • A machine that had contact with a malicious IP is analyzed from the SIEM.
"If you're in a fight, you need to know that while it's happening, not after the fact"
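The reputation check, the correlation-based risk analysis and the event funnel from the earlier slides, together with the interconnected-security conclusion above (a bad IP blocked at the IPS, the host that contacted it queued for analysis from the SIEM), as one added Python example that is not part of the deck. The reputation feed, the GOOD/SUSPECT/BAD thresholds, the hosts and the criticality weights are constructed stand-ins for a real GTI feed and asset inventory.

```python
"""Added example (not from the deck): the reputation check and the event funnel
from the slides, run over constructed normalized events. Thresholds, category
names and the reputation feed are constructed stand-ins, not McAfee GTI data."""
from collections import defaultdict

# Constructed normalized events as a SIEM would hold them after normalization;
# 'accept'/'drop' is the firewall or IPS verdict on the connection.
EVENTS = [
    {"host": "ws-042", "user": "jdoe", "dst_ip": "203.0.113.10", "dst_port": 4444, "action": "accept"},
    {"host": "ws-042", "user": "jdoe", "dst_ip": "203.0.113.10", "dst_port": 4444, "action": "accept"},
    {"host": "ws-042", "user": "jdoe", "dst_ip": "198.51.100.7", "dst_port": 443, "action": "accept"},
    {"host": "srv-db-01", "user": "svc_backup", "dst_ip": "203.0.113.77", "dst_port": 80, "action": "accept"},
    {"host": "srv-db-01", "user": "svc_backup", "dst_ip": "203.0.113.10", "dst_port": 4444, "action": "drop"},
    {"host": "ws-117", "user": "asmith", "dst_ip": "192.0.2.50", "dst_port": 443, "action": "accept"},
    {"host": "ws-117", "user": "asmith", "dst_ip": "203.0.113.77", "dst_port": 80, "action": "drop"},
    {"host": "ws-200", "user": None, "dst_ip": "192.0.2.50", "dst_port": 443, "action": "accept"},
]
# Constructed reputation feed: a 0-100 score plus the categories named on the slide.
REPUTATION = {
    "203.0.113.10": {"score": 92, "categories": ["botnet_ddos", "malware_hosting"]},
    "203.0.113.77": {"score": 55, "categories": ["spam_sending"]},
    "198.51.100.7": {"score": 45, "categories": ["network_probing"]},
    "192.0.2.50": {"score": 5, "categories": []},
}
# Constructed asset criticality used to weight risk (a DB server outranks a workstation).
CRITICALITY = {"srv-db-01": 2, "ws-042": 1, "ws-117": 1, "ws-200": 1}
BAD, SUSPECT = 80, 40  # constructed thresholds for the GOOD / SUSPECT / BAD verdict


def verdict(ip):
    """IP reputation check. An IP absent from the feed is 'unknown', not 'good'."""
    if ip not in REPUTATION:
        return "unknown"
    score = REPUTATION[ip]["score"]
    return "bad" if score >= BAD else "suspect" if score >= SUSPECT else "good"


def host_risk(host, events):
    """Correlation-based risk: distinct malicious categories the host actually reached
    (unblocked connections only), weighted by how critical the asset is."""
    cats = set()
    for e in events:
        if e["host"] == host and e["action"] == "accept" and verdict(e["dst_ip"]) in ("suspect", "bad"):
            cats.update(REPUTATION[e["dst_ip"]]["categories"])
    return len(cats) * CRITICALITY.get(host, 1)


def funnel(events=EVENTS):
    """Walk the slide's questions from 'all events' down to a response plan."""
    talked_to_bad = [e for e in events if verdict(e["dst_ip"]) in ("suspect", "bad")]
    not_blocked = [e for e in talked_to_bad if e["action"] == "accept"]
    endpoints = sorted({e["host"] for e in not_blocked})
    users = sorted({e["user"] for e in not_blocked if e["user"]})
    per_user = defaultdict(list)  # what occurred with those accounts?
    for e in not_blocked:
        if e["user"]:
            per_user[e["user"]].append((e["dst_ip"], e["dst_port"]))
    # Response: block any BAD IP that got through at the IPS; queue the hosts that
    # reached SUSPECT or BAD IPs for analysis from the SIEM, most risky first.
    block_at_ips = sorted({e["dst_ip"] for e in not_blocked if verdict(e["dst_ip"]) == "bad"})
    investigate = sorted(endpoints, key=lambda h: -host_risk(h, events))
    return {
        "events": len(events),
        "alerts": len(talked_to_bad),
        "not_blocked": len(not_blocked),
        "endpoints": endpoints,
        "users": users,
        "per_user": dict(per_user),
        "block_at_ips": block_at_ips,
        "investigate": investigate,
        "risk": {h: host_risk(h, events) for h in endpoints},
    }


if __name__ == "__main__":
    for key, value in funnel().items():
        print(f"{key:>12}: {value}")
```

Note that the dropped connections still count as alerts (the host tried to reach a bad actor) but do not put a host on the investigation list; only traffic that got through does.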
The context of massive data integration
Colaboración efectiva entre desarrolladores del cliente y tu equipo.Colaboración efectiva entre desarrolladores del cliente y tu equipo.
Colaboración efectiva entre desarrolladores del cliente y tu equipo.
 
Pruebas de integración con Docker en Azure DevOps
Pruebas de integración con Docker en Azure DevOpsPruebas de integración con Docker en Azure DevOps
Pruebas de integración con Docker en Azure DevOps
 
Elixir + Elm: Usando lenguajes funcionales en servicios productivos
Elixir + Elm: Usando lenguajes funcionales en servicios productivosElixir + Elm: Usando lenguajes funcionales en servicios productivos
Elixir + Elm: Usando lenguajes funcionales en servicios productivos
 
Así publicamos las apps de Spotify sin stress
Así publicamos las apps de Spotify sin stressAsí publicamos las apps de Spotify sin stress
Así publicamos las apps de Spotify sin stress
 
Achieving Your Goals: 5 Tips to successfully achieve your goals
Achieving Your Goals: 5 Tips to successfully achieve your goalsAchieving Your Goals: 5 Tips to successfully achieve your goals
Achieving Your Goals: 5 Tips to successfully achieve your goals
 
Acciones de comunidades tech en tiempos del Covid19
Acciones de comunidades tech en tiempos del Covid19Acciones de comunidades tech en tiempos del Covid19
Acciones de comunidades tech en tiempos del Covid19
 
De lo operativo a lo estratégico: un modelo de management de diseño
De lo operativo a lo estratégico: un modelo de management de diseñoDe lo operativo a lo estratégico: un modelo de management de diseño
De lo operativo a lo estratégico: un modelo de management de diseño
 

Recently uploaded

unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 

The context of mass data integration

  • 1. Mucho Big Data ¿y la Seguridad para cuándo? (Lots of Big Data, but when does Security get its turn?) July 9, 2013. Juan Carlos Vázquez, Sales Systems Engineer, LTAM
  • 2. "Personal data is the oil of the 21st century"
  • 4. In 2015… greater demand on the data centers: >15,000 million connected devices (15B) [2]; >1,000 million more netizens (1B) [1]; >1 Zettabyte of Internet traffic (1000 Exabytes) [3]. Sources: 1. IDC “Server Workloads Forecast” 2009. 2. IDC “The Internet Reaches Late Adolescence” Dec 2009, extrapolation by Intel for 2015; ECG “Worldwide Device Estimates Year 2020 - Intel One Smart Network Work” forecast. 3. http://www.cisco.com/assets/cdc_content_elements/networking_solutions/service_provider/visual_networking_ip_traffic_chart.html extrapolated to 2015.
  • 5. A data explosion: 2.7 ZB of data in 2012, 15,000 million connected devices in 2015. Around 24 Petabytes of data processed by Google* per day in 2011. 4,000 million pieces of content shared on Facebook* every day (July 2011). 250 million tweets per day in October 2011. 5.5 million (legitimate) emails per second in 2011. Source: IDC, 2011 Worldwide Enterprise Storage Systems 2011–2015 Forecast Update; chart: Worldwide Enterprise Storage Consumption Capacity Shipped by Model, 2006–2015 (PB).
  • 6. More data… In 2020 the volume of information will be 35.2 Zettabytes. In 2020 the volume of digital information will reach 35.2 Zettabytes (1 ZB equals 1 trillion GB), compared with 1.8 ZB in 2010. That exponential growth of data makes Big Data the driving force of the information age, according to estimates from Sogeti, a Capgemini Group company. For its part, the consultancy Gartner states that companies able to hold more valuable information, process it and manage it will obtain financial results 20% better than their competitors.
  • 7. A case: The New York Times used 100 Amazon EC2 instances and Hadoop to process 4 TB of TIFF image data and produce 11 million PDFs in 24 hrs at a cost of $240 USD. http://en.wikipedia.org/wiki/Apache_Hadoop
  • 8. Another case: the Hadoop clusters at Yahoo! have 40,000 servers and store 40 petabytes of data, and the largest cluster has 4,000 servers. http://www.aosabook.org/en/hdfs.html
  • 9. Just one more case: in 2010 Facebook stated that it had the largest Hadoop cluster in the world, at 21 PB. In 2011 it announced that it had grown to 30 PB, and by mid-2012 it reached 100 PB. On November 8, 2012 they announced that their data warehouse grows by almost half a PB per day. http://en.wikipedia.org/wiki/Apache_Hadoop
  • 10. Big Data: a term applied to data sets that exceed the ability of commonly used software to capture, manage and process them in a reasonable time. “Big Data” sizes keep moving upward: in 2012 they ranged from a dozen terabytes to several petabytes of data in a single data set. The challenges include capture, processing, storage, sharing intelligence, analysis and visualization. Benefits for the Health, Financial, Telco, Energy, Traffic, Marketing, Manufacturing and Security sectors… who will ask the right question?
  • 11. The four Vs
    • Volume. When the term big data is used, data volume typically ranges from multiple terabytes to petabytes. This certainly fits the enterprise security model, as it is not uncommon for large organizations to collect tens of terabytes of security data on a monthly basis.
    • Velocity. This term is used with respect to real-time data analysis requirements. In cybersecurity, velocity can refer to the need for immediate anomaly or incident detection. Real-time data analysis is critical here to minimize the damage associated with a cybersecurity attack.
    • Variety. Big data can be made up of multiple data types and feeds, including structured and unstructured data. From a security perspective, data variety could include log files, network flows, IP packet captures, external threat/vulnerability intelligence, click streams, network/physical access, social networking activity, etc. It is not unusual for enterprises to collect hundreds of different types of data feeds for security analysis.
    • Veracity. Big data must be trustworthy and accurate. From a security perspective, this means trusting the confidentiality, integrity, and availability of data sources like log files and external data feeds.
  • 12. The Big Security Data Challenge (diagram): from thousands of events to billions of events; consolidate logs, correlate events; inputs: perimeter, APTs, cloud, data, insider.
  • 13. The Security Dilemma: monitoring techniques must advance (visibility, instrumentation). Instrumentation and data collection are still critical, but applying filters derived from intelligence is the path to achieving better security.
  • 14. Big Data vs. Big Security Data
    • Big Data: datasets whose size and variety are beyond the ability of typical database software to capture, store, manage and analyze.
    • Big Security Data: the size of security data is doubling annually; advanced threats demand collecting more data; legacy data management approaches are failing; SIEM use is shifting from compliance to security.
    • Understanding security data as big data: How do I gather security context? How do I manage big security information? How do I make security information management work?
    • Security big data is about matching security intelligence with the right collected data.
  • 15. Gartner says…
    • The amount of data analyzed by enterprise information security organizations will double every year through 2016.
    • By 2016, 40% of enterprises will actively analyze at least 10 terabytes of data for information security intelligence, up from less than 3% in 2011.
    • By 2016, 40% of Type A enterprises will create and staff a security analytics role, up from less than 1% in 2011.
  • 16. Goal… One of the primary drivers of security analytics will be the need to identify when an advanced targeted attack has bypassed traditional preventative security controls and has penetrated the organization.
  • 17. Needle in a Datastack
    • Organizations are storing approximately 11-15 terabytes of security data a week.
    • The ability to detect data breaches within minutes is critical in preventing data loss, yet only 35 percent of firms stated that they have the ability to do this.
    • In fact, more than a fifth (22 percent) said they would need a day to identify a breach, and five percent said this process would take up to a week. On average, organizations reported that it takes 10 hours for a security breach to be recognized.
    • Nearly three quarters (73 percent) of respondents claimed they can assess their security status in real time, and they also expressed confidence in their ability to identify in real time insider threats (74 percent), perimeter threats (78 percent), zero-day malware (72 percent) and compliance controls (80 percent). However, of the 58 percent of organizations that said they had suffered a security breach in the last year, just a quarter (24 percent) had recognized it within minutes. In addition, when it came to actually finding the source of the breach, only 14 percent could do so in minutes, while 33 percent said it took a day and 16 percent said a week.
    • The study, conducted by research firm Vanson Bourne, interviewed 500 senior IT decision makers in January 2013, including 200 in the USA and 100 each in the UK, Germany and Australia.
  • 18. Useful data… from Verizon 2012
    • “84% of security incidents (successful intrusions) were reflected in the logs”
    • “Only 8% of the security incidents detected by companies were found by mining their logs”
  • 20. SIEM is still evolving… beyond logs. A single log event raises a chain of context questions:
    • Time: What else happened at this time? Near this time? What is the time zone?
    • Service: What is this service? What other messages did it produce? What other systems does it run on?
    • Host: What is the host's IP address? Other names? Location on the network/datacenter? Who is the admin? Is this system vulnerable to exploits?
    • Message: What does this number mean? Is this documented somewhere?
    • User: Who is this user? What is the user's access level? What is the user's real name, department, location? What other events came from this user?
    • Port: What is this port? Is this a normal port for this service? What else is this service being used for?
    • IP address: DNS name, Windows name, other names? Whois info? Organization owner? Where does the IP originate from (geolocation info)? What else happened on this host? Which other hosts did this IP communicate with?
  • 21. SEM + SIM = SIEM. SIEM is the evolution and integration of two distinct technologies:
    • Security Event Management (SEM): primarily focused on collecting and aggregating security events.
    • Security Information Management (SIM): primarily focused on the enrichment, normalization, and correlation of security events.
    Security Information & Event Management (SIEM) is a set of technologies for: log data collection, correlation, aggregation, normalization, retention, analysis and workflow.
    Three major factors drive the majority of SIEM implementations: (1) real-time threat visibility, (2) security operational efficiency, (3) compliance and/or log management requirements.
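The pipeline that slide 21 names (collection, normalization, enrichment, aggregation, correlation) and the context questions of slide 20, as an added example in Python; this is not code from the deck or from any SIEM product. The asset inventory, user directory, port table, geolocation lookup, the two log lines formats and every sample log line are constructed for the example, and the failure threshold is an assumption.

```python
"""Added example, not code from the deck: collect two raw log formats, normalize
them to one schema, enrich each event with the context the slide-20 questions ask
for, then aggregate and correlate. All tables and log lines are constructed."""
import ipaddress
import re
from collections import Counter
from datetime import datetime, timezone
from typing import Optional

# Constructed asset inventory: host IP, admin and location on the network.
ASSETS = {"web01": {"ip": "10.1.2.3", "admin": "ops-team", "location": "DC1/rack7"},
          "WKS-0042": {"ip": "10.9.0.42", "admin": "helpdesk", "location": "HQ/floor3"}}
# Constructed user directory: real name, department, access level.
USERS = {"jdoe": {"name": "Jane Doe", "dept": "Finance", "access": "standard"},
         "root": {"name": "superuser", "dept": "IT", "access": "admin"}}
PORTS = {22: "ssh", 443: "https", 3389: "rdp"}  # constructed port/service table
GEO = {"203.0.113.7": "Example-Net, XX"}        # constructed geolocation lookup
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

SYSLOG_RE = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
                       r"(?P<proc>[\w./-]+)(?:\[\d+\])?: (?P<msg>.*)$")
SSHD_RE = re.compile(r"(?P<outcome>Accepted|Failed) \w+ for (?:invalid user )?"
                     r"(?P<user>\S+) from (?P<src>\S+) port \d+")
WIN_OUTCOME = {"4624": "success", "4625": "failure"}  # Windows logon event IDs

def normalize(line: str, year: int = 2013) -> Optional[dict]:
    """Map an sshd syslog line or a key=value Windows logon event to one schema."""
    m = SYSLOG_RE.match(line)
    if m:
        auth = SSHD_RE.search(m["msg"]) if m["proc"] == "sshd" else None
        if not auth:
            return None  # not an authentication event; outside this example
        ts = datetime.strptime(f"{year} {' '.join(m['ts'].split())}", "%Y %b %d %H:%M:%S")
        return {"ts": ts.replace(tzinfo=timezone.utc), "host": m["host"], "user": auth["user"],
                "service": "ssh", "dst_port": 22, "src_ip": auth["src"], "source_type": "syslog",
                "outcome": "success" if auth["outcome"] == "Accepted" else "failure"}
    kv = dict(re.findall(r"(\w+)=(\S+)", line))
    if kv.get("EventID") in WIN_OUTCOME:
        rdp = kv.get("LogonType") == "10"  # LogonType 10 = RemoteInteractive (RDP)
        return {"ts": datetime.fromisoformat(kv["Time"].replace("Z", "+00:00")),
                "host": kv["Computer"], "user": kv["TargetUserName"],
                "service": "rdp" if rdp else "local", "dst_port": 3389 if rdp else None,
                "src_ip": kv["IpAddress"], "source_type": "windows",
                "outcome": WIN_OUTCOME[kv["EventID"]]}
    return None

def enrich(ev: dict) -> dict:
    """Answer the slide-20 questions for one event from the context tables."""
    asset, user = ASSETS.get(ev["host"], {}), USERS.get(ev["user"], {})
    internal = any(ipaddress.ip_address(ev["src_ip"]) in net for net in RFC1918)
    ev.update(host_ip=asset.get("ip", "unknown"), host_admin=asset.get("admin", "unknown"),
              host_location=asset.get("location", "unknown"),
              user_name=user.get("name", "unknown"), user_dept=user.get("dept", "unknown"),
              user_access=user.get("access", "unknown"),
              # Is the service on its normal port? Unknown pairs come out False.
              port_is_normal=PORTS.get(ev["dst_port"]) == ev["service"],
              src_geo="internal (RFC 1918)" if internal else GEO.get(ev["src_ip"], "unknown"))
    return ev

def correlate(events: list, threshold: int = 3) -> list:
    """Aggregate failures per (source IP, user); alert at the threshold, ranked by access."""
    fails = Counter((e["src_ip"], e["user"]) for e in events if e["outcome"] == "failure")
    alerts = []
    for (src, user), n in fails.items():
        if n >= threshold:
            hosts = sorted({e["host"] for e in events if (e["src_ip"], e["user"]) == (src, user)})
            admin = USERS.get(user, {}).get("access") == "admin"
            alerts.append({"rule": "repeated auth failure", "src_ip": src, "user": user,
                           "count": n, "hosts": hosts, "priority": "high" if admin else "medium"})
    return alerts

def run(lines: list) -> tuple:
    """Collection -> normalization -> enrichment -> aggregation/correlation."""
    events = [enrich(ev) for ev in map(normalize, lines) if ev]
    return events, correlate(events)

SAMPLE_LOGS = [  # constructed: three sshd failures, one unrelated cron line, one RDP failure
    "Jul  9 10:15:01 web01 sshd[1234]: Failed password for root from 203.0.113.7 port 51234 ssh2",
    "Jul  9 10:15:03 web01 sshd[1234]: Failed password for root from 203.0.113.7 port 51236 ssh2",
    "Jul  9 10:15:05 web01 sshd[1234]: Failed password for root from 203.0.113.7 port 51238 ssh2",
    "Jul  9 10:15:09 web01 cron[77]: (root) CMD (run-parts /etc/cron.hourly)",
    "Time=2013-07-09T10:16:00Z EventID=4625 Computer=WKS-0042 TargetUserName=jdoe IpAddress=10.9.0.77 IpPort=50001 LogonType=10",
]
```

`run(SAMPLE_LOGS)` yields four normalized, enriched events (the cron line is dropped) and one high-priority alert for the three root failures from 203.0.113.7 against web01.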
  • 22. The State of SIEM. The SIEM promise: turns security data into actionable information; provides an intelligent investigation platform; supports management and demonstration of compliance. Legacy SIEM reality: antiquated architectures force choices between time-to-data and intelligence; events alone do not provide enough context to combat today’s threats; complex usability and implementation have caused costs to skyrocket.
  • 23. Shifting from Compliance to Security. Source: InformationWeek 2012 Security Information and Event Management Vendor Evaluation Survey of 322 business technology professionals, April 2012
  • 24. SIEM as a solution to detect cyberattacks
  • 25. Global Threat Intelligence and SIEM (diagram): McAfee Labs IP reputation updates feed an IP reputation check that rates each address GOOD, SUSPECT or BAD (medium risk / high risk) from the activity observed for it: botnet/DDoS, mail/spam sending, web access, malware hosting, network probing, presence of malware, DNS hosting activity, intrusion attacks. Automatic identification; automatic risk analysis via the advanced correlation engine.
  • 26. GTI with SIEM delivers even greater value. Sorting through a sea of events: from 200M events, through 18,000 alerts and logs, dozens of endpoints, a handful of users and the specific files breached (if any), to an optimized response. The questions that narrow the set at each step:
    • Have I been communicating with bad actors?
    • Which communication was not blocked?
    • What specific servers/endpoints/devices were breached?
    • Which user accounts were compromised?
    • What occurred with those accounts?
    • How should I respond? RESPOND.
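The slide-25 reputation check and the slide-26 funnel worked through in Python, as an added example that is not McAfee GTI or ESM code. The reputation feed, its score thresholds, the risk mapping, and every network and file-access record are constructed assumptions; only the GOOD/SUSPECT/BAD labels, the activity categories and the six questions come from the slides.

```python
"""Added example, not McAfee GTI or ESM code: a constructed IP-reputation feed
drives the GOOD/SUSPECT/BAD check of slide 25, and the slide-26 funnel narrows
the collected events down to hosts, accounts, file activity and a response list.
Score thresholds, category names and every sample record are assumptions."""

# Constructed reputation feed: score 0-100 (higher is worse) plus the observed
# activity categories from slide 25 that earned the score.
REPUTATION = {
    "203.0.113.7": {"score": 92, "categories": ["botnet/ddos", "malware hosting"]},
    "198.51.100.9": {"score": 55, "categories": ["network probing"]},
    "192.0.2.20": {"score": 10, "categories": []},
}
THRESHOLDS = (("BAD", 80), ("SUSPECT", 40))  # assumed score cut-offs

def classify(ip: str) -> str:
    """IP reputation check: GOOD / SUSPECT / BAD; addresses absent from the feed are GOOD."""
    score = REPUTATION.get(ip, {"score": 0})["score"]
    return next((label for label, cutoff in THRESHOLDS if score >= cutoff), "GOOD")

def risk(level: str, action: str) -> str:
    """Automatic risk analysis: correlate reputation with whether a control stopped the contact."""
    if action == "blocked":
        return "low"
    return {"BAD": "high", "SUSPECT": "medium"}.get(level, "low")

# Constructed network events (firewall/IPS) and file-access events (file-server audit).
NET_EVENTS = [
    {"host": "WKS-0042", "user": "jdoe", "dst_ip": "203.0.113.7", "action": "allowed"},
    {"host": "WKS-0042", "user": "jdoe", "dst_ip": "203.0.113.7", "action": "allowed"},
    {"host": "WKS-0017", "user": "asmith", "dst_ip": "203.0.113.7", "action": "blocked"},
    {"host": "srv-fs01", "user": "svc-backup", "dst_ip": "198.51.100.9", "action": "allowed"},
    {"host": "WKS-0099", "user": "bchen", "dst_ip": "192.0.2.20", "action": "allowed"},
]
FILE_EVENTS = [
    {"user": "jdoe", "path": r"\\srv-fs01\finance\q2-forecast.xlsx", "op": "read"},
    {"user": "jdoe", "path": r"\\srv-fs01\finance\payroll.csv", "op": "read"},
    {"user": "bchen", "path": r"\\srv-fs01\eng\design.pdf", "op": "read"},
]

def funnel(net_events: list, file_events: list) -> dict:
    """Walk the six slide-26 questions from the sea of events to an optimized response."""
    # 1. Have I been communicating with bad actors?
    contacts = []
    for e in net_events:
        level = classify(e["dst_ip"])
        if level != "GOOD":
            contacts.append(dict(e, level=level, risk=risk(level, e["action"])))
    # 2. Which communication was not blocked?
    not_blocked = [e for e in contacts if e["action"] != "blocked"]
    # 3. What specific servers/endpoints/devices were breached? (unblocked BAD contact)
    hosts = sorted({e["host"] for e in not_blocked if e["risk"] == "high"})
    review = sorted({e["host"] for e in not_blocked if e["risk"] == "medium"})
    # 4. Which user accounts were compromised? (accounts active on those hosts)
    users = sorted({e["user"] for e in not_blocked if e["host"] in hosts})
    # 5. What occurred with those accounts?
    files = [f["path"] for f in file_events if f["user"] in users]
    # 6. How should I respond? Block at the IPS, analyze the endpoint, contain the account.
    bad_ips = sorted({e["dst_ip"] for e in not_blocked if e["level"] == "BAD"})
    response = ([f"block {ip} at the IPS" for ip in bad_ips]
                + [f"isolate {h} and analyze it from the SIEM" for h in hosts]
                + [f"reset credentials for {u} and review the file access" for u in users])
    return {"counts": [len(net_events), len(contacts), len(not_blocked), len(hosts), len(users), len(files)],
            "contacts": contacts, "not_blocked": not_blocked, "hosts": hosts, "review": review,
            "users": users, "files": files, "response": response}
```

On the constructed data the funnel runs 5 events, 4 bad-actor contacts, 3 not blocked, 1 endpoint, 1 account, 2 files touched; the SUSPECT contact from srv-fs01 lands in the review list rather than the breach list because it was only medium risk.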
  • 28. Prioritize the security events
  • 29. From the top down…
  • 30. Fine, but who am I talking to?
  • 31. Knowledge of my environment…
  • 32. McAfee ESM: McAfee starts at the core. July 9, 2013. The McAfee DB (smart, fast: scale, analytical flexibility, performance): real-time, complex analysis; indexing purpose-built for SIEM; massive context feeds with enrichment; historical retrieval and analytics; integrated log and event management; no DBA required.
  • 34. Malware is here…
  • 35. Spam and bots in decline…
  • 36. Conclusions…
    • Use your logs, and turn them on
    • Log management first, before a SIEM
    • There are no “silver bullets”
    • Thinking beats technology
    • Less is more: Windows event logs, syslogs, DNS, app logs, context awareness (geolocation, users, VMs, asset management, etc.)
    • Use cases, use cases, use cases!
    • Big Data architectures: high-speed I/O; hours to see a report, or minutes to get a view?
    • Security feeds (reputation systems)
    • Interconnected security: a bad-reputation IP automatically blocked by the IPS; a device that had contact with a malicious IP analyzed from the SIEM
  • 37. “If you’re in a fight, you need to know that while it’s happening, not after the fact”