Network security: Threat intelligence feeds parse a sea of data
This article is part of the Information Security magazine issue of July / August 2014 Vol. 16 / No. 6
Many enterprises have made substantial investments in security information and event management and log management technologies over the years to collect, manage and analyze logs. Advances in large-scale analytics enable a well-honed security program to use data to spot anomalies and analyze attacks. However, it is easy to be overcome by a deluge of indicators and warnings derived from this data. Security intelligence promises to bring more focus to this task. Instead of blindly looking for "new" and "abnormal" events, we are now able to search for specific IP addresses, URLs or payload patterns. This is particularly important because compromises remain undetected for long periods of time; most companies are notified by external entities, not by internal sensors -- despite advances in data collection and event monitoring. Today, the number of threat intelligence feeds continues to expand, from free open source data provided by the larger network security community; to vetted and aggregated commercial products; to closed ...
Features in this issue
Big data offers horizontal scalability, but how do you get your database security to scale along with it?
Immature products and a lack of standardization raise critical questions about first-party risk and third-party liability.
FedRAMP raises the bar for security among applicable cloud providers, but can it influence broader cloud computing contracts and standards?
This Beyond the Page examines how some enterprises are protecting their big-data ecosystems with encryption, security data analysis and visualization.
Columns in this issue
Security deserves a seat at the risk management table.
Marcus Ranum chats with Columbia University's Joel Rosenblatt to learn how "apples to apples" comparisons helped automate critical security processes.
Threat intelligence feeds help you prioritize signals from internal systems against unknown threats. Security intelligence takes it a step further.