Big Data Security Analytics Meets Identity and Access Management

While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today’s dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data.

In the majority of cases, big data security analytics systems are applied to data such as network packets, packet Meta data, emails, and transaction systems to help security teams detect malware, phishing sites, and on-line fraud. Great start, but I’m starting to see another burgeoning focus area – IAM. Of course, many large organizations have IAM tools for user provisioning, SSO, and identity governance, but tracking all the instantiations of user activity remains elusive. In a recent ESG research survey, security professionals were asked to identify their weakest area of security monitoring. More than one-quarter (28%) pointed to, “user behavior activity monitoring/visibility,” – the highest percentage of all categories.

Read more at – Big Data Security Analytics Meets Identity and Access Management