Growing volumes of security log data require solutions that go beyond sampling.
With data breaches becoming more frequent, sophisticated and massive, organizations are struggling to protect their brand, customer information, intellectual property, and revenues. The widespread use of mobile and cloud computing, billions of smart devices with interconnected communications (also referred to as IoT), and the variety and volume of customer and end-user data being collected by organizations are opening up new avenues of attack.
Sampling security data is no longer adequate; it is important to have comprehensive visibility into what is happening within your environment. You need to be aware of security data aggregated from firewall logs, IPS/IDS logs, IP packet captures, server logs, transactions, emails and physical security systems. Even more critical is the ability to derive actionable intelligence from all this data and to detect anomalous and malicious behavior.
Get a cost-effective big data platform to give you complete visibility across your environment.
The Security Log Analytics Quick Start Solution provides the following critical capabilities that your organization requires:
- Cost-effective big data platform for storing and analyzing large volumes of machine-generated data from a variety of data sources (structured, unstructured and semi-structured) in real time.
- Complete visibility and correlation of user and system activity within an environment across networks, servers, applications, end points and critical data assets using search, visualization and ad hoc SQL.
- Fast streaming ingestion, deep data analytics and machine learning to identify threats by monitoring and analyzing all events across the network in real time.
You can perform analysis of historical data as well as real-time analysis of large volumes of security data, which can help in early detection of advanced and unknown threats. The Security Log Analytics Quick Start Solution augments existing Security Information and Event Management (SIEM) solutions by providing cost-effective storage and processing for deep analytics and by predicting anomalous behavior within the environment to identify unknown threats.
Comprehensive security view
- Get complete visibility and correlation across user and system activity in your environment.
Detect anomalous behavior
- Early detection of advanced persistent threats and unknown threats.
- Avoid fines, lawsuits, loss of business and negative PR.
- React fast on any abnormal or malicious activity from internal and external actors.
Software, Professional Services and Certification are all included.
The Quick Start Solution includes a pre-built template built on the MapR Distribution including Apache™ Hadoop® that makes it possible for you to realize faster time-to-value with your Security Log Analytics initiative. The template brings together best practices accumulated by world-class data scientists and data engineers from several mature Hadoop deployments. The Security Log Analytics Quick Start Solution includes a combination of software, professional services and training.
Software
One-year subscription of six nodes of any edition of the MapR Distribution including Apache Hadoop. One year of support, including support for Apache Drill and Apache Spark, is included.
Quick Start Professional Services
You'll be able to jump-start a security log analytics solution on Hadoop through the use of a pre-built solution template. The template includes workflows and parsers, along with machine-learning-based models that allow you to quickly gain insight into trends within your security logs. The three-week service engagement component of the Security Log Analytics Quick Start Solution encompasses the following deliverables:
- Identification of data sources, transformations and reporting engines
- Access and use of the solution template including source code
- Knowledge transfer on customizing the solution template
- Deployment architecture document that enables a production rollout plan
- Installation and configuration of the MapR cluster
Hadoop Training and Certification
After completing the requisite Hadoop On-Demand Training, you can put your new skills into action right away. The Security Log Analytics Quick Start Solution includes Hadoop certification for three professionals. You can become a certified Hadoop professional and establish yourself as an accredited big data specialist within your organization.
The certification exams currently offered are:
- MapR Certified Hadoop Administrator (MCHA)
- MapR Certified Hadoop Developer (MCHD)
- MapR Certified HBase Developer (MCHBD)
- The MapR Distribution enables archival and storage of security event and other related log data going back several months and years.
- Copying data to and from the MapR cluster is as simple as copying data to a standard file system using Direct Access NFS™.
- MapR is the only Hadoop distribution that scales all the way to a trillion files without compromising performance.
- The MapR Distribution was designed for high performance, with respect to both high throughput and low latency.
Search and Discovery
- Indexing and search capabilities that integrate with MapR help aggregate security logs and provide a feature-rich user interface that delivers rich insights.
MapR delivers on the promise of Hadoop with a proven, enterprise-grade platform that supports a broad set of mission-critical and real-time production uses. MapR brings unprecedented dependability, ease-of-use and world-record speed to Hadoop, NoSQL, database and streaming applications in one unified distribution for Hadoop. MapR is used by more than 700 customers across financial services, government, healthcare, manufacturing, media, retail and telecommunications as well as by leading Global 2000 and Web 2.0 companies. Investors include Google Capital, Lightspeed Venture Partners, Mayfield Fund, NEA, Qualcomm Ventures and Redpoint Ventures.