This post is co-authored by Martin Lee, Armin Pelkmann, and Preetham Raghunanda.
Cyber security analysts tend to run the same attack queries repeatedly with different input data. Unfortunately, searching for useful metadata correlations across proprietary and open source data sets can be laborious and time-consuming with relational databases: multiple tables must be joined and queried, and the results inevitably take too long to return. Enter the graph database, a fundamentally improved database technology for specific threat analysis functions. Representing information as a graph allows the discovery of associations and connections that are otherwise not immediately apparent.
Within basic security analysis, we represent domains, IP addresses, and DNS information as nodes, and represent the relationships between them as edges connecting the nodes. In the following example, domains A and B are connected through a shared name server and MX record despite being hosted on different servers. Domain C is linked to domain B through a shared host, but has no direct association with domain A.
This ability to quickly identify domain-host associations brings attention to further network assets that may have been compromised, or assets that will be used in future attacks.
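The domain A, B and C relationships described above, rebuilt as a small in-memory graph in Python. This is an added example, not code from the original post: the domain names, addresses and function names are constructed placeholders, and a plain adjacency map stands in for a graph database.

```python
from collections import defaultdict, deque

# Constructed sample records (domain, relation, infrastructure node); the
# names and addresses are placeholders, not data from the post.
RECORDS = [
    ("a.example", "hosted_on", "192.0.2.10"),
    ("a.example", "name_server", "ns1.shared.example"),
    ("a.example", "mx", "mail.shared.example"),
    ("b.example", "hosted_on", "198.51.100.20"),
    ("b.example", "name_server", "ns1.shared.example"),
    ("b.example", "mx", "mail.shared.example"),
    ("c.example", "hosted_on", "198.51.100.20"),
    ("c.example", "name_server", "ns1.other.example"),
]

def build_graph(records):
    """Undirected adjacency map: node -> {neighbour: relation label}."""
    graph = defaultdict(dict)
    for domain, relation, infra in records:
        graph[domain][infra] = relation
        graph[infra][domain] = relation
    return graph

def shared_infrastructure(graph, dom1, dom2):
    """Infrastructure nodes directly adjacent to both domains."""
    common = graph[dom1].keys() & graph[dom2].keys()
    return {node: graph[dom1][node] for node in common}

def shortest_link(graph, start, goal):
    """Breadth-first search; returns the node path or None if unconnected."""
    queue, parent = deque([start]), {start: None}
    while queue:
        node = queue.popleft()
        if node == goal:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for neighbour in sorted(graph[node]):
            if neighbour not in parent:
                parent[neighbour] = node
                queue.append(neighbour)
    return None

GRAPH = build_graph(RECORDS)
```

Domains A and C share no node directly, so `shared_infrastructure` returns nothing for them, while `shortest_link` shows the indirect association running through domain B and the shared host.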
Tags: analysis, Big Data, correlation, D3, Domain, edge, fast, Graph, Gremlin, IE, Intelligence, internet explorer, IP address, name server, node, relationships, research, threat, Titan, TRAC, vertex, visual, zero-day
Is a Data Center Transformation for You?
Migrating mission-critical applications has known benefits, which are often accorded significant attention -- and for good reason. But what’s left unsaid is how the process is successfully carried out.
Application migration can be daunting – poor execution could result in unexpected and detrimental IT issues, which may negatively impact service levels for the entire company. But simply avoiding a migration does not solve the problem, either. More than likely, you will have to face an application migration at some point, due to poor application performance, outdated technology, or compromised architecture. This is when it becomes crucial to consult the right technology, and the right people.
Cisco provides a framework to help you understand the process of undergoing a data center transformation. In the Cisco® Domain Ten Framework, Cisco Services outlines information such as network standards, management procedures, security, and outsourcing options -- just to name a few.
The Cisco Domain Ten Framework will guide you through the most important aspects of the migration process, and what you should expect. You will gain insight into your environment that will enable you to predict whether your migration will be successful, and how to best execute the transformation – whether you are working with a virtualized, automated, or full cloud environment.
Tags: application, Cisco, data center, Domain, IT, migration, Mission Critical, services, Unleashing IT