Sunday, April 12, 2015

Big Data for Security to defend against APT and Zero day

According to Gartner, big data will change cyber security in network monitoring, identity management, fraud detection, governance and compliance. I have listed the following 8 companies (in no particular order) that use big data to defeat zero-day and APT attacks. Big data and cyber security are at the growth phase of the hype cycle, and I believe that there are at least 50 other companies (big or small, or even startups in stealth mode) working on a new killer app that uses machine learning, AI, deep nets and big data to keep ahead of hackers. So, I welcome any comments, and please add your preferred tools or products in your comment.

1: Niara

Niara is making use of big data techniques and Hadoop. "The core intellectual property of Niara is in the collection, storage and analysis of the data," Ramachandran said. "We have been at work for 16 months building the platform."

While some of the components in Niara's platform are open-source, the big challenge has been in aligning an entire application stack to be able to handle the scale that is needed, Ramachandran said. "You have to be very smart about how you process data and how you move it around," Ramachandran said.


2: IBM QRadar Security Intelligence Platform and IBM Big Data Platform


IBM QRadar Security Intelligence Platform and IBM Big Data Platform provide a comprehensive, integrated approach that combines real-time correlation for continuous insight, custom analytics across massive structured and unstructured data, and forensic capabilities for irrefutable evidence. The combination can help you address advanced persistent threats, fraud and insider threats.

The IBM solution is designed to answer questions you could never ask before, by widening the scope and scale of investigation. You can now analyze a greater variety of data – such as DNS transactions, emails, documents, social media data, full packet capture data and business process data – over years of activity. By analyzing structured, enriched security data alongside unstructured data from across the enterprise, the IBM solution helps find malicious activity hidden deep in the masses of an organization's data.



3: Cyphort


The Cyphort Advanced Threat Defense Platform detects advanced malware, prioritizes remediation and automates containment. Cyphort customers benefit from early and reliable detection and fast remediation of breaches across their infrastructure. Our unique approach combines best-in-class malware detection with the knowledge of threat severity, value of targeted user and assets, and malware lifecycle to prioritize threats that matter to you while suppressing the noise. The Cyphort platform is a network-based solution that is designed to be deployed across the entire organization cost effectively. Flexibility to deploy as hardware, software and virtual machine makes Cyphort an ideal solution for large and distributed organizations. 

4: Teradata

www.teradata.com/Cyber-Security-Analytics


5: Intel Security Connected System

For Intel, "intelligence awareness" translates to a new security product architecture that weaves the existing portfolio of McAfee products, including everything from PC software to data center firewalls, into a data collection backbone feeding a centralized repository used to correlate security anomalies across multiple systems.

6: Sqrrl

Sqrrl is the Big Data Analytics company that lets organizations pinpoint and react to unusual activity by uncovering hidden connections in their data. Sqrrl Enterprise is Sqrrl's linked data analysis platform that gives analysts a way to visually investigate these connections, allowing them to rapidly understand their surrounding contexts and take action. At the core of Sqrrl's architecture are a variety of Big Data technologies, including Hadoop, link analysis, machine learning, Data-Centric Security, and advanced visualization.

7: Platfora and MapR Technology 

Platfora provided a wide range of capabilities for preparing the data for analysis, which considerably reduced data preparation time. Once the data was prepared, the emphasis shifted to exploring and understanding it using a variety of visualization techniques.

8: Splunk

While Splunk can certainly address the tier-1 needs of reduction and correlation, Splunk was designed to support a new paradigm of data discovery. This shift rejects a data reduction strategy in favor of a data inclusion strategy. This supports analysis of very large datasets through data indexing and MapReduce functionality pioneered by Google. This gives Splunk the ability to collect data from virtually any available data source without normalization at collection time and analyze security incidents using analytics and statistical analysis.
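To make the "data inclusion" paradigm concrete, here is a small added example (my own illustration, not Splunk's code or any vendor's) of the idea described above: raw events from unrelated sources are indexed verbatim with no normalization at collection time, fields such as the source IP are extracted only at read time, and a simple statistical cut over the counts surfaces the noisy source. The log lines are constructed sample data.

```python
import re
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed events from three unrelated sources (sshd syslog, web access
# log, DNS query log). Each line is kept verbatim: nothing is normalised at
# collection time, which is the "data inclusion" approach described above.
RAW_EVENTS = [
    "Apr 12 10:01:02 host1 sshd[911]: Failed password for root from 10.0.0.7 port 5121 ssh2",
    "Apr 12 10:01:03 host1 sshd[911]: Failed password for root from 10.0.0.7 port 5122 ssh2",
    "Apr 12 10:01:05 host1 sshd[911]: Failed password for admin from 10.0.0.7 port 5123 ssh2",
    '10.0.0.7 - - [12/Apr/2015:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 512',
    '10.0.0.9 - - [12/Apr/2015:10:02:04 +0000] "GET /index.html HTTP/1.1" 200 1024',
    "Apr 12 10:03:00 host2 sshd[404]: Accepted password for alice from 10.0.0.9 port 6001 ssh2",
    "Apr 12 10:03:20 host2 sshd[404]: Accepted password for bob from 10.0.0.11 port 6002 ssh2",
    "Apr 12 10:03:30 dns1 named[12]: client 10.0.0.7#5353: query: suspicious.example IN A",
]

TOKEN = re.compile(r"[A-Za-z0-9_.\-]+")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def build_index(events):
    """Schema-free inverted index: lower-cased token -> set of event ids."""
    index = defaultdict(set)
    for eid, line in enumerate(events):
        for tok in TOKEN.findall(line):
            index[tok.lower()].add(eid)
    return index

def search(index, events, *terms):
    """AND-search: every term must occur in the event, whatever its source format."""
    hits = set.intersection(*(index.get(t.lower(), set()) for t in terms))
    return [events[i] for i in sorted(hits)]

def count_by_ip(events):
    """Read-time field extraction: the first IPv4 on a line is treated as the source."""
    counts = Counter()
    for line in events:
        m = IPV4.search(line)
        if m:
            counts[m.group()] += 1
    return counts

def outliers(counts, k=1.0):
    """Flag sources whose event count exceeds mean + k * population stdev."""
    if len(counts) < 2:
        return []
    mu, sd = mean(counts.values()), pstdev(counts.values())
    return sorted(ip for ip, n in counts.items() if n > mu + k * sd)
```

Because the raw lines are kept, a query such as `search(build_index(RAW_EVENTS), RAW_EVENTS, "10.0.0.7")` returns the SSH, web and DNS events for that address together, which a per-source, normalize-at-collection pipeline would have had to join up front.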