Enhancing intelligence SOC with big data tools
Abstract:
Traditional security tools rely on predetermined signatures or rules, which are rigid in the face of the dynamic interconnections that occur in organizations. Including analytics in security systems widens the field of vision of security analysts for proactive threat detection. This allows SOC specialists to make decisions in real time and focus on protecting the organization's critical assets. Our contribution in this work is to analyze the applicability of Big Data as a complementary tool for detecting security events in a real CSIRT environment, validating the architecture, configuration, and visualization using the ELK stack as the Big Data platform.
Year of publication:
2019
Keywords:
- BIG DATA
- security operation center
- CYBERSECURITY
- cognitive security
Source:
Document type:
Conference Object
Status:
Restricted access
Areas of knowledge:
- Big data
- Computer science
Subject areas:
- Computer programming, programs, data, security
- Special computer methods
- Operation of libraries and archives