Provides proven, cyber security-specific solution for data ingestion, analysis and automation to optimize operations and inform decision making
SAN FRANCISCO – April 17, 2018 (from booth #1109 at RSA Conference 2018) – Optiv Security, the world’s leading security solutions integrator, today announced “SecureData@Optiv,” a reference architecture that provides a unique programmatic approach and expertise for rapid deployment of a secure data lake. SecureData@Optiv considers many factors, tradeoffs and design considerations, and helps clients make appropriate technology selection, and design and implementation decisions while balancing risk mitigation with desired business outcomes. It harnesses vast amounts of data from security infrastructure, intelligence feeds and other sources, and then runs purpose-built analytics for any number of security functions, including:
- Situational awareness dashboards
- Incident detection and response
- Enhanced vulnerability scanning
- Fraud detection
- Ad hoc queries to answer virtually any security question
“Everyone is talking about orchestration and automation across the security space, and this is an example where Optiv is delivering it in a way that rationalizes and operationalizes data in furtherance of the security mission,” said Stu Solomon, Optiv chief technology and strategy officer. “We believe reference architectures are a key requirement for solving complex problems, such as cyber security data infrastructure. Otherwise, these projects are likely to fail due to the costs and manpower consumed by a ‘trial and error’ approach to secure data as well as generally not being informed by an ecosystem-based approach to planning and architecture decisions. SecureData@Optiv delivers the right technology and services in a highly manageable and flexible solution package. It enables organizations to align their security programs to enterprise business strategies, operational needs and risk profiles rather than constantly reacting to the latest threat. We are proud to bring SecureData@Optiv to market and to provide organizations with an efficient way to add the smarts to their security operations.”
SecureData@Optiv is based on system design and vendor components that have been proven in multiple client environments. This dramatically speeds the process of deploying the solution because it eliminates many of the vendor-evaluation and “trial and error” steps typically associated with data-related security projects.
For example, a large healthcare provider partnered with Optiv to build and deploy a secure data lake with goals to retain more than a year’s worth of online data, support a large number of concurrent users, and provide future scalability and extensibility. Optiv developed and implemented a comprehensive secure data solution tailored to the client’s needs through identification of common use case patterns. Optiv’s solution lowered the barrier to entry by providing an open source software proof of concept, augmented in-house data scientists/analytic developers, and deployed hundreds of nodes, fully configured, in minutes. The partnership produced competitive advantage for this client, decreasing incident response time from an average of two to four hours to 12 minutes, and providing average monthly savings of $100,000 - $400,000 as a result of simplified fraud detection analytics.
Historically, enterprises have used commercial Security Incident and Event Management (SIEM) platforms to aggregate, analyze and correlate security data. SIEMs have proven to be critical technologies for the initial view of security data streams; however, there are limitations on the degree to which organizations have been able to operationalize the technology for triaging true positive security events. With the proliferation of data, cyber security programs have massively grown in response, leading organizations to require technologies purpose-built for efficient data management. SecureData@Optiv allows organizations to gain new and incremental value from their SIEMs, while also solving their security data management and analysis challenges.
SecureData@Optiv currently includes technologies from Elastic, Splunk, Phantom Cyber and StreamSets along with other open source and big data infrastructure platforms, coupled with Optiv’s decision engineering services, acquired with Decision Lab late last year. Together, these deliver a preconfigured solution for a security-specific data lake that delivers benefits including:
- Nimble, evidence-based decision-making: Clients can easily extract value from diverse data sets by enriching and normalizing data points in a readily consumable manner. This enables them to answer their toughest questions and make operational decisions based on evidence, rather than “best guesses.”
- Risk mitigation: SecureData@Optiv dramatically reduces errors in data analysis that are common in traditional analytics solutions and manual processes. This helps organizations more accurately identify threats and vulnerabilities, and more efficiently deploy staff.
- Cost reduction: As a reference architecture, SecureData@Optiv reduces costs by enabling clients to avoid vendor lock-in and, because it is built on modular solutions, it can easily be tailored for specific client use-cases. Additionally, because it is a solution that has been successfully deployed in other environments, it eliminates the costs associated with “trial and error” failures.
- Fast time-to-value: SecureData@Optiv can be deployed in hours or days, compared to the weeks or months required with other approaches.
To learn more about SecureData@Optiv, visit our website or send an email to SecureData@Optiv.com.