Difference between revisions of "Bigdata"
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
http://www.esg-global.com/blogs/big-data-security-analytics-meets-identity-and-access-management-iam/ | http://www.esg-global.com/blogs/big-data-security-analytics-meets-identity-and-access-management-iam/ | ||
+ | Jon,I work with a tool that does exactly what your describing. | ||
+ | Input logs from SIEM/Log Management, IAM/IDM, cross correlate identities, and map user ID to IP as well as looking for odd behavior. I have multiple papers on the topic if anyone is interested. | ||
+ | I believe the trend toward user based attribution of events is required as we shift from a perimeter defense security posture to one where the insider, or compromised account, must be monitored for abnormal behavior. | ||
+ | |||
+ | http://www.forbes.com/sites/ronhirson/2015/03/23/uber-the-big-data-company/#7b9d1c1425f4 |
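Review bot: The added lines starting "Jon,I work with a tool" are a first-person reply pasted directly under the esg-global.com link with no attribution or quote markup, so the page gives no way to tell who "I" is or who "Jon" is, and the text reads as the wiki's own statement. Mark it as a quotation and name its author and source, or replace it with a one-line summary of the point about correlating SIEM and IAM logs for user-based attribution. The offer of "multiple papers on the topic" cannot be followed up from here, so either link the papers or drop that sentence. The lone empty "+ |" line before the forbes.com link can also go unless a paragraph break is intended there.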
Latest revision as of 20:21, 14 February 2016
https://datafloq.com/read/big-data-privacy-big-deal/26
http://www.esg-global.com/blogs/big-data-security-analytics-meets-identity-and-access-management-iam/
Jon, I work with a tool that does exactly what you're describing. Input logs from SIEM/Log Management, IAM/IDM, cross-correlate identities, and map user ID to IP as well as looking for odd behavior. I have multiple papers on the topic if anyone is interested. I believe the trend toward user-based attribution of events is required as we shift from a perimeter defense security posture to one where the insider, or compromised account, must be monitored for abnormal behavior.
http://www.forbes.com/sites/ronhirson/2015/03/23/uber-the-big-data-company/#7b9d1c1425f4