The computational scale of Cloudera Enterprise would allow Niara to apply its machine learning models across multiple dimensions of user behavior. Once an attack is detected, Niara explains that it can use the power of Cloudera Enterprise to deliver a historically complete forensic record of the affected entities to a security analyst, reducing the time for investigation and response from hours and days to minutes.
“Cloudera offers the most mature, enterprise-ready Hadoop stack in its industry for ingesting and analyzing data,” said Sriram Ramachandran, Chief Executive Officer and Co-founder, Niara.
“To successfully implement machine learning algorithms at scale, you need the right infrastructure in place operating on the most complete data set. We’re power users ourselves of Cloudera, and so this was a very easy decision to make it a foundational part of our behavior analytics platform.”
How does Niara function?
Niara uses Hadoop to process an unmatched set of data sources in its analytics platform including logs, flows, packets and external threat feeds. This data is processed by over a hundred supervised and unsupervised machine learning models to track any deviance from normal behavior in typical IT activity that, which when put into context over time, indicates attacks that have gone unnoticed using other, more traditional security solutions.
Hence, the analytics company focuses on detecting attacks that have gotten past other security defenses—so-called “attacks on the inside” that are launched either through compromised users or malicious insiders. For example, a user may propagate ransomware by opening the wrong email attachment, a trusted partner may expose sensitive portal access credentials to unauthorized users accidentally, or a sys admin may slowly exfiltrate patient healthcare records to sell on the dark web.
“Cybersecurity continues to be a board room conversation across every enterprise today,” said Tim Stevens, Vice President, Business and Corporate Development, Cloudera.
“CISOs recognize that in order to detect malicious insider threats, or even negligent employee actions, solutions must be able to analyze data at scale. Machine learning is very compute intensive and the greater the source of data to compare and contrast behavior against, the more effective threat detection can be.”
