It's possible to get in front of attacks by analyzing all network event data with tools such as Apache Spark running on a real-time Hadoop platform.
SIEM
With a combination of a real-time Hadoop platform and advanced analytics, organizations can predict, identify and deter security threats in several different ways, including:
Security Information and Event Management (SIEM). Hadoop can be used to analyze large volumes of real-time data from network and security devices. For instance, a large U.S. regional bank that was running out of storage capacity on its SIEM infrastructure chose to replace its SIEM with Hadoop. The bank now gets two benefits: it can keep newer data sources in adherence with SEC/FINRA regulations, and it can apply the deeper analytical capabilities that machine learning on Hadoop provides to those same data sets.