While Verizon Enterprise Solutions is considered one of the most authoritative sources when it comes to information concerning security breaches, turning all that data into something that represents actionable intelligence has been another matter altogether.
To solve that particular issue, Verizon has partnered with Splunk to create a downloadable application that IT security teams can use to see how their vulnerabilities line up against the attack vectors most commonly being employed by cybercriminals.
Jonathan Nguyen-Duy, CTO for global security services at Verizon Enterprise Solutions, says IT organizations can plug the historical data that Verizon collects via its Data Breach Investigations Report (DBIR) into the security information event management platform that Splunk has created on top of its software for searching and analyzing machine log data. All told, Verizon has collected 10 years of data involving more than 8,000 breaches and nearly 195,000 security incidents.
Nguyen-Duy says at its most basic level, the downloadable application will make it a lot easier for IT organizations to identify commonly exploited vulnerabilities. But over time, Nguyen-Duy says that Verizon expects to exploit machine learning technology to provide security intelligence in real time via the Splunk analytics engine.
Nguyen-Duy notes that SIEM platforms today discover less than 1 percent of the attacks being launched against the enterprise, which makes many IT organizations question the value of making such an investment. By taking advantage of a machine data analytics platform such as Splunk, Nguyen-Duy says that it becomes much simpler for organizations to prioritize IT security fixes based on the potential severity of threat to their IT organization. Later on, Nguyen-Duy says Verizon hopes to automate the intrusion detection process to create a truly closed-loop security solution.
Of course, it may take a while before the malware detection process gets fully automated. But in the meantime, the data that IT security services continually collect is about to become a lot more useful.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i