At the RSA 2015 conference today, Cisco announced that it will be applying machine learning software delivered as a service to IT security via a partnership with Elastica.
Under terms of the deal, both companies will combine machine learning applications from Elastica that identify anomalies in how cloud applications are being used with access control software from Cisco. In addition, Cisco will expose information that its security infrastructure products gather to the Elastica application.
Elastica CEO Rehan Jalil says that in addition to using Elastica CloudSOC software-as-a-service (SaaS) applications to identify anomalies, Elastica provides investigative tools that make it possible to visually drill into specific applications and infrastructure to determine where those anomalies are specifically occurring in order to speed risk assessments.
In addition to gathering data from IT security infrastructure, Jalil says Elastica machine learning software pulls in data via the application programming interfaces (APIs) that cloud applications such as Microsoft Office 365 expose. Included in the Elastica portfolio is a set of applications that enables IT organizations to analyze transactions occurring through those cloud applications, adds Jalil.
Over time, Elastica builds a visual graph that shows the normal behavior patterns for an individual user. Any deviation from those patterns is then highlighted with the Elastica environment. The Elastica SaaS applications themselves are distributed across 18 different data centers to make collecting that data simpler.
At this juncture, it’s pretty clear that advanced analytics in the form of machine learning software represents one of the next big frontiers in IT security. While it’s still early in terms of determining just how much of an impact those applications might have, the one thing that is for certain is that most organizations need all the IT security help they can get at a time when they are clearly overwhelmed by the size of the IT security task at hand.