When it comes to giving cyber security experts the tools they need to take action, automation and machine learning (ML) can make a big difference. Many companies are working with high volumes of data, and types and variants of attack are always growing and changing. It can become too much for people to process in a meaningful time frame. But security automation and ML-based early triage can reduce data volumes. Check out how security automation can work and what it can do.
Many Services, Loosely Connected
In today’s world of multicloud solutions, businesses and other groups find themselves with a more diverse security toolset than they ever had before. Now, the security operations team need to not only cover legacy data centers and multiple cloud providers. They also manage the security of new platforms, such as containers, Kubernetes and OpenShift.
These new technologies have ushered in a world where an application is no longer a monolithic entity only needing to connect to one or two things such as a database or user authentication system. Instead, applications are becoming a loosely coupled amalgam of multi-use services connected by API calls. Even more complicated is that these services can be located anywhere, across multiple clouds and data centres and may not even be run by the same company.
This makes understanding how your data is being processed and flows through an “application” extremely difficult for the security operations team, furthermore to keep track of security events from multiple technologies, in multiple locations data has to be fused into a single picture.
What is required is something that pulls all the information from these diverse tools into a single overarching view that can then be p ..
Support the originator by clicking the read the rest link below.
