New Group Seeks Dialogue On Security Data Sharing, Mining

Published: 22/11/2024   Category: security




Open Security Intelligence community champions methods for harvesting security information



SAN FRANCISCO -- B-Sides San Francisco 2011 -- Most enterprises already have more than enough security data. The question is how to efficiently mine that data to find the source of a hack or build a better data defense strategy.
That's the premise behind the launch of a new security community, Open Security Intelligence, here yesterday. The open, online community, founded by security information and event management (SIEM) tool vendor SenSage, hopes to become a nexus for security managers to share best practices in making better use of the data collected by security and log management tools.
Organizations could use the same tools that they currently use for the mining of business data to mine their security data, said Joe Gottlieb, CEO of SenSage. "We believe that SQL could become the new universal security signature language."
"There is a massive disconnect between vendors and users about how to work with security data," said Andrew Hay, an analyst with the 451 Group. "Some vendors say they are open, but what they're doing is some give and mostly take. That's not open."
The OSI community is a place where security professionals can go to share best practices in harvesting security data from log files and security systems, Gottlieb said. When an enterprise finds an effective way to query security data and get real results, it would be able to post that query to the OSI community, enabling other security professionals to use it as well.
The community also hopes to foster the evolution of SIEM and log management tools, which have been used for a decade but often still do not yield the benefits that many enterprises had hoped.
"If you look at Delta Airlines, they have a sophisticated process for setting ticket prices that is based on intelligence they've gathered about what customers are willing to pay at a specific time of day on a specific route," Gottlieb said. "They're making intelligent decisions using a whole warehouse of available data. We can apply that same concept and technology to security."
Some large, national defense departments already are using data mining tools and SQL to create a common method of querying security data and identifying exploit patterns, Gottlieb said. "It's already being done," he says. The OSI community will give companies a chance to share those practices and intelligence.
The OSI community is designed to help security professionals who spend a great deal of time in data analysis, Gottlieb said. SenSage believes that these highly skilled data analysts -- sometimes called quants in the business intelligence arena -- are becoming increasingly needed in the security department.
"Organizations must understand where they are most vulnerable, where they have been hacked, and why," Hay said. "The [OSI] initiative is an innovative way to help organizations everywhere improve the process of mining security data to find the right information."
