Page 2 of 2
According to Curry, the intent in all this is to evolve beyond what is now known as SIEM, where products are designed to aggregate and analyze large amounts of security feeds.
"SIEM is just repositories, mass repositories that are often architected for compliance," Curry says. Big data for security can potentially do better in detecting stealthy attackers and their "dwell time" inside enterprise networks as they find their way to the most critical data sources and plan how to extricate it, he says. The "hunt time" for this type of attack is generally failing today but "we think it takes advanced data techniques to wins this," Curry says.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.
Read more about security in Network World's Security section.
Rss Feed
The Connected Enterprise
You are previewing premium content. 
