With data breaches becoming more frequent and sophisticated, protecting customer information and intellectual property is of paramount importance. The Security Log Analytics Solution will enable security teams to accelerate deployment of a solution that leverages Spark on MapR. Security teams can use the Quick Start Solution built on MapR to gain comprehensive visibility into their environment and detect anomalous behavior as quickly as possible.
- Detect anomalous behavior: Early detection of advanced persistent threats and unknown threats.
- Minimize exposure: Avoid fines, lawsuits, loss of business and negative PR.
- Take quick action: React fast on any abnormal or malicious activity from internal and external actors.
- 6 nodes of MapR
- A big data expert
The solution template includes data workflows, parsers, and machine learning, along with a search-based visualization interface to gain insights into outliers and trends within your security logs. Installation and configuration of the MapR cluster is included within the scope of this Quick Start Solution.
Key solution capabilities
- Cost-effective big data platform: Store and analyze large volumes of data from a variety of sources, such as firewall logs, IDS logs and IP packet captures, in real time.
- Comprehensive visibility: Correlate user and system activity across networks, servers, applications and endpoints in your environment, using visualization and search capabilities.
- Threat identification: Identify threats by monitoring and analyzing events across the network, using Spark-based (MLlib) machine learning for deep and granular analytics.
Security Log Analytics Template
Key MapR differentiators
- Data archival: The MapR Converged Data Platform enables archival and storage of security events and other related log data going back months or years.
- Data ingestion: Copying data to and from the MapR cluster is as simple as copying data to a standard file system using Direct Access NFS™.
- Full stack support for Apache Spark: MapR is the only distribution that supports the full Apache Spark stack, giving you maximum flexibility to build applications rapidly and develop complex ETL pipelines and transformations on your data.
- Scalability: MapR is the only Hadoop distribution that scales all the way to a trillion files without compromising performance.
- High performance: The MapR Converged Data Platform was designed for high performance, with respect to both high throughput and low latency.
- Search and discovery: Indexing and search capabilities that integrate with MapR help aggregate security logs and provide a feature-rich user interface that delivers rich insight.