INTERVIEW: Splunk’s security evangelist Matthias Maier talk bolstering cyber defences with machine data
Machine data can be the key to tackling cyber threats on enterprise and business networks as well as adapting to new security regulations in a pro-active manner.
Speaking to TechWeekEurope at IP Expo 2016, Matthias Maier, security evangelist at Splunk, a company specialising in machine data harvesting and processing systems, extolled four areas where making use of all the data generated from IT infrastructure and connected systems can shed a light on security issues and threat detection.
Machine data versus cyber threats
“There are four major areas where you can use that data; one is if there is a breach in the news and your manager coms and says ‘have we been infected and how [problematic] is it for us?’ then you really can get back with that data and search it and analyse which systems, which users have been affected in the last three months, the last six months, and then get the proper answer, so that’s incident investigation,” said Maier.
“The second one is to use it for compliance and reporting; there are more and more regulations out where security required proper monitoring.
“The third one is to monitor all your existing security parameters and to have an umbrella system on top of all your security tools, so you’re really quick [to] put security posture if you really need to have something [in place].
“And then the fourth one is to really detect unknown information, unknown threats in all that information where you can then go in and make advance correlations and even apply machine learning algorithms or also threat intelligence for example.”
With the latter point we are now seeing the rise of security systems that mix both machine learning and threat intelligence, which would likely from a complimentary system for Splunk’s machine data and security systems.
This smarter use of network data and the use of machine learning algorithms in security is potentially paving the way for its future, where artificial intelligence could be used to detect and protect next-generation IT networks.
For the full interview, take a look at the video above.