Extracting Value from Big Data Using Operational Intelligence: Information Security

Information security describes the collective role of policies combined with network and security devices, from identity and access management applications to vulnerability management and policy compliance tools. Security Information Event Management (SIEM) describes the process of identifying, aggregating, analyzing, and presenting the artifacts created by these policies and devices. Organizations implement SIEM to gain situational and operational awareness through a series of processes that include auditing log files, monitoring the impact of system changes, reviewing incidents, responding to security breaches, and managing user access privileges.

Operational Intelligence (OI) provides information security managers with complete situational awareness across all information assets, networks, and systems. OI for Information Security continuously protects critical information assets in real time. With OI, log files can be aggregated across assets and correlated in real time to detect patterns of activity. The continuous, real-time analytics™ results can then be viewed on Live Dashboards by authorized users. When the analytic results require action, an OI solution immediately pushes alerts to predefined response teams, enabling them to initiate immediate, policy-based action.
