The threat landscape continues to expand as both the frequency and the financial impact of cyber security incidents increase. As a result, traditional host-based security evolves to counter new attack vectors and types of infections. On rare occasions, however, two separate, independently evolving technologies can come together in a way that benefits both – and so it is with host-based intrusion detection systems (IDS) and the cloud.
I’ve been on the infrastructure team at Threat Stack for just over one month now. It’s exciting to work here, not just because this is a sharp team with a great attitude, but because we’re exploring the bleeding edge of security practices in the cloud.
At Threat Stack our engineering and operations teams have embraced the concept of the polyglot data platform, recognizing that no one solution can provide for all of our needs. Those needs include rapid scaling, ideally linearly, to support growing customer demand and the elastic workloads of our new economy customers. We also require different forms of analysis to support stream analysis for our IDS feature set, efficient lookup tables and prematerialized views for our ETDR feature set, and offline analysis for analysis and research.
A core component of our data platform for several years has been Cassandra, which we upgraded to DataStax Enterprise (DSE) through their startup program last year. Originally we were expecting to use it as our single source of truth for all of our time series data, but this turned out to be an anti-pattern. Instead we have found it very useful for lookup tables and pre-materialized views (more on this later).
A lot has happened in the world of DevOps and Security this week. Here are the top posts we saw around the community:
Most enterprises do not build software or operate infrastructure the same way Netflix does. But there’s a lot to learn from the Silicon Valley world that an enterprise can aspire to as policy to improve security posture. Forward-thinking CIOs should work with the security function of an organization to adopt technology and practices that will empower defense. Here are some examples:
Great applied technology typically needs enabling partner technology, and it will struggle to make headway until that partner appears. For decades, Intrusion Detection System (IDS) technology struggled to deliver efficient, high-quality intrusion monitoring, and is only now experiencing success with the arrival of an unintentional enabling partner technology – cloud computing.