The Changing Face of Security Threat Detection

Current security solutions operate in islands, on proprietary databases, and are geared to analyze only small windows of event data, e.g., three days of PCAP, fifteen days of NetFlow, or thirty days of IDS data. Today’s technologies are also unable to correlate events in order to stitch together kill chains occurring over months. Splunk User Behavior Analytics, leveraging multiple components of Hadoop, including Spark, and graph databases, can absorb billions of events directly from sources or existing Hadoop repositories, and process them on commodity hardware using behavior-based machine learning algorithms.

Fill out the form below to download this resource.