Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

9/25/2013
12:28 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CSA Releases New Big Data Report

Report details how the landscape of security analytics is changing

CSA EMEA 2013 – Edinburgh, Scotland – September 24, 2013 – The Cloud Security Alliance (CSA) Big Data Working Group today announced the release of Big Data Analytics for Security Intelligence. The new research report details how the landscape of security analytics is changing with the introduction and widespread use of new tools and opportunities for leveraging large quantities of structured and unstructured data. The initial report also outlines some of the fundamental differences from traditional analytics and highlights possible research directions in Big Data security.

"The goal of Big Data analytics for security is to obtain actionable intelligence in real time," said Alvaro Cardenas, industry expert and lead author of the report "Although Big Data analytics holds significant promise, there are a number of challenges that must be overcome to realize its true potential. We have only just begun, but are anxious to move forward in helping the industry understand its potential with new research directions in Big Data security."

In addition to looking at the differences between traditional analytics and Big Data analytics, the report also discusses the impact of Big Data analytics on security, includes examples of Big Data usage in security contexts (network security, advanced persistent threats, enterprise event analytics and netflow monitoring to identify botnets), outlines a platform for experimentation on anti-virus telemetry data, and proposes a series of open questions about the role of Big Data in security analytics. To access a full copy of the report visit: https://cloudsecurityalliance.org/download/big-data-analytics-for-security-intelligence/.

In conjunction with the release of Big Data Analytics for Security Intelligence, the CSA will also hold a dedicated session to discuss the research report at CSA Congress EMEA being held this week in Edinburgh, Scotland. Wilco van Ginkel, co-chair of the CSA Big Data Working Group and head of Enterprise Strategy at Verizon Enterprise Solutions will lead the "Big Data Working Group" session, which will focus on the report findings, along with a number of other relevant topics including the diversity of challenges facing enterprises surrounding Big Data analytics, a review of the Top 10 Big Data and Security and Privacy Challenges, and an investigation into the best practices to overcome the toughest Big Data challenges.

The CSA Big Data Working Group, chaired by Sreeranga Rajan, Director, Software Systems at Fujitsu

Laboratories of America and co-chaired by Neel Sundaresan, Senior Director and Head of eBay Research Labs at eBay and van Ginkel is focused on taking industry ownership in addressing the world's immediate urgency for collaborative research and solutions on Big Data topics. The group is specifically working to address the security and privacy issues magnified today by the velocity, volume, and variety of Big Data, such as large-scale cloud infrastructures, diversity of data sources and formats, streaming nature of data acquisition and high volume inter-cloud migration. The group consists of more than 30 CSA member companies in collaboration to provide industry guidance and best practices for Big Data security. Companies and individuals interested in learning more or joining the group can visit:

https://cloudsecurityalliance.org/research/big-data/.

Tweet This: @cloudsa releases #BigData Analytics for Security Intelligence; how new tools are changing the #security landscape. http://bit.ly/11KEUaB

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.