July 26, 2017

Open Source Tool Emerges For Cyber Defense

As banks, hospitals and retailers continue to lose ground to hackers, the open source community has stepped into the fray with a cyber security project designed to bring advanced analytics to IT monitoring data. The incubating Apache Spot 1.0 project also seeks to leverage machine learning to scale cyber defenses.

As Spot moves toward “graduation” from the Apache Software Foundation, member companies are attempting to scale the cyber tool to accelerate real-time threat detection. Cloudera (NYSE: CLDR), for one, announced a cyber security framework this week based on the open source project.

Meanwhile, other AI pioneers are contributing security analytics to the open source effort.

Cloudera, Palo Alto, Calif., promotes its approach as enabling anomaly detection, behavior analytics and access across enterprise data using its Spot-based platform. Users could build custom cyber defenses while deploying applications on top of a shared data set, the company said.

The approach promises to “change the economics of cyber security” by bringing the combined efforts of the open source community to bear in the fight against cyber threats, Cloudera asserted.

While machine learning and other AI automation tools are increasingly being used to combat cyber attacks, hackers have grown far more sophisticated as once top-secret tools become readily available to them. Hence, banks, retailers and other enterprises continue to face an uphill battle as malware, along with coordinated ransomware and other cyber attacks, grows in frequency and sophistication.

With that in mind, the Spot project aims to deliver greater visibility into security threats by leveraging machine learning and advanced analytics to detect and thwart attacks. Cloudera said Spot is built into its platform leveraging Apache Spark and Hadoop. That combination is geared to Intel (NASDAQ: INTC) processors. The approach is said to provide the ability to ingest and store large volumes of IT telemetry data for threat detection using machine learning and faster threat investigation.

The Spot 1.0 release includes better machine learning performance with an upgrade to Spark 2.1, the latest version of the stream-processing engine.

Cloudera also boasts tighter integration between its cyber security platform and Spot as a way to take advantage of the company’s cyber tools.

Proponents of the open source tool note that it is designed to facilitate collaboration among cyber security teams “with a shared common data model against which community-developed machine learning algorithms can be run,” Sam Heywood, Cloudera’s director of cyber security strategy, noted in a statement announcing the latest release of Apache Spot.

“While threat intelligence feeds are extremely important in the fight against cyber criminals, we need to extend our analytics sharing capabilities to make sure we are detecting advanced behavioral anomalies,” Heywood added.

Another Apache Spot contributor is Cybraics, developer of an advanced security analytics and AI platform delivered as a service.

Based in Arlington, Va., the company said it would contribute new analytics to the Apache Spot development community.
