Wednesday, March 27, 2013

Big Data Security Analytics

If you're an XYZ SIEM user today, your boss is probably asking you, "What is our big data strategy?" You probably have RSA, HP and everyone else trying to pitch you their new product, which solves all problems.

Here is what you need to be doing to start migrating from just SIEM correlation to big data security analytics:

Download and install Elasticsearch.  Point your XYZ SIEM to forward events to Elasticsearch.

Use Kibana to search that data.

Thank me later.
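To make the forwarding step concrete, here is an added example (not code from the original post) that turns forwarded SIEM events into a request body for the Elasticsearch `_bulk` API. It assumes the SIEM forwards CEF over syslog and that the target is a current Elasticsearch version; the index name `siem-events`, the field names and the sample events are all constructed for illustration.

```python
import json
import re

# Constructed sample events, shaped like CEF lines a SIEM might forward over syslog.
SAMPLE_EVENTS = [
    "Mar 27 10:15:02 siem01 CEF:0|ExampleVendor|ExampleIDS|1.0|100|Port scan detected|5|"
    "src=10.0.0.5 dst=10.0.0.9 dpt=22 msg=SYN sweep from internal host",
    r"Mar 27 10:15:07 siem01 CEF:0|ExampleVendor|Proxy\|Gateway|2.1|200|Blocked URL|8|"
    r"src=10.0.0.7 request=http://example.test/a?id\=1 act=blocked",
    "Mar 27 10:15:09 siem01 not a CEF record",
]

HEADER_FIELDS = "cef_version device_vendor device_product device_version signature_id name severity".split()
PIPE = re.compile(r"(?<!\\)\|")          # a pipe not preceded by a backslash separates header fields
EXT_KEY = re.compile(r"(?:^|\s)(\w+)=")  # start of each key=value pair in the extension

def unescape(value):
    # CEF escapes '|', '=' and '\' with a leading backslash.
    return re.sub(r"\\([|=\\])", r"\1", value)

def parse_cef(line):
    """Return a dict for one CEF line, or None if the line is not CEF."""
    start = line.find("CEF:")
    parts = PIPE.split(line[start + 4:], maxsplit=7)
    if start < 0 or len(parts) < 7:
        return None
    doc = {k: unescape(v) for k, v in zip(HEADER_FIELDS, parts)}
    doc["syslog_prefix"] = line[:start].strip()
    ext = parts[7] if len(parts) > 7 else ""
    keys = list(EXT_KEY.finditer(ext))
    doc["ext"] = {}  # nested so event-supplied keys cannot overwrite header fields
    for i, m in enumerate(keys):
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        doc["ext"][m.group(1)] = unescape(ext[m.end():end].strip())
    return doc

def to_bulk_body(lines, index="siem-events"):
    """Build the NDJSON body for _bulk; returns (body, skipped_lines)."""
    out, skipped = [], []
    for line in lines:
        doc = parse_cef(line)
        if doc is None:
            skipped.append(line)  # surface unparsed lines instead of silently dropping them
        else:
            out += [json.dumps({"index": {"_index": index}}), json.dumps(doc)]
    return "".join(s + "\n" for s in out), skipped

if __name__ == "__main__":
    print(to_bulk_body(SAMPLE_EVENTS)[0], end="")
```

The body is POSTed to the cluster's `/_bulk` endpoint with `Content-Type: application/x-ndjson`; once indexed, the fields are searchable from Kibana, for example `ext.src:10.0.0.5`.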