5 Reasons Why Host-Based Intrusion Detection Systems Thrive in the Cloud

The threat landscape continues to expand as both the frequency and the financial impact of cyber security incidents increase. As a result, traditional host-based security evolves to counter new attack vectors and types of infections. On rare occasions, however, two separate, independently evolving technologies can come together in a way that benefits both – and so it is with host-based intrusion detection systems (IDS) and the cloud.

Scale it to Billions — What They Don’t Tell you in the Cassandra README

At Threat Stack, our engineering and operations teams have embraced the concept of the polyglot data platform, recognizing that no one solution can provide for all of our needs. Those needs include rapid scaling, ideally linear, to support growing customer demand and the elastic workloads of our new-economy customers. We also require different forms of analysis: stream analysis for our IDS feature set, efficient lookup tables and pre-materialized views for our ETDR feature set, and offline analysis for analysis and research.

A core component of our data platform for several years has been Cassandra, which we upgraded to DataStax Enterprise (DSE) through their startup program last year. Originally we expected to use it as our single source of truth for all of our time series data, but this turned out to be an anti-pattern. Instead, we have found it very useful for lookup tables and pre-materialized views (more on this later).

What Enterprise Security Can Learn From Silicon Valley

Most enterprises do not build software or operate infrastructure the same way Netflix does. But there’s a lot an enterprise can learn from the Silicon Valley world and aspire to as policy to improve its security posture. Forward-thinking CIOs should work with the security function of an organization to adopt technology and practices that will empower defense. Here are some examples:

The History of Intrusion Detection Systems (IDS) – Part 1

Great applied technology typically needs enabling partner technology, and it will struggle to make headway until that partner appears. For decades, Intrusion Detection System (IDS) technology struggled to deliver efficient, high-quality intrusion monitoring, and is only now experiencing success with the arrival of an unintentional enabling partner technology – cloud computing.
