1. Prelert Blog

    1. Your next digital security guard should be more like RoboCop

      Explore Anomaly Detection Analytics (Jun 24 2015)

      Your next digital security guard should be more like RoboCop

      Humans are clearly incapable of monitoring and identifying every threat on today’s vast and complex networks using traditional security tools. We need to enhance human capabilities by augmenting them with machine intelligence. Mixing man and machine – in some ways, similar to what OmniCorp did with RoboCop – can heighten our ability to identify and stop a threat before it’s too late. The “dumb” tools that organizations rely on today are simply ineffective.

      (Read Full Article)

      Comment Mentions:   Will Cappelli   Gartner   Analytics

    2. Data interchange formats and performance

      Explore Anomaly Detection Analytics (May 26 2015)

      Data interchange formats and performance

      When two programs need to exchange data they need to agree on a common format for the data in transit. This could be a binary format, or it could be some sort of human-readable text. What follows is a look at the performance implications of the chosen format and of the way it's parsed at the receiving end of the link, specifically focusing on high-volume back-end C++ programs.

      (Read Full Article)


    3. Bringing Alert Management into the Present with Advanced Analytics

      Explore Anomaly Detection Analytics (May 12 2015)

      Bringing Alert Management into the Present with Advanced Analytics

      Despite producing huge volumes of alerts, rules-and-thresholds implementations often miss problems or report them long after the customer has experienced the impact. The fear of generating even more alerts forces monitoring teams to select fewer KPIs, thus decreasing the likelihood of detection. Problems that slowly approach thresholds go unnoticed until user experience is already impacted. Adopting an advanced analytics approach empowers enterprises not only to identify problems that rules and thresholds miss or simply act on too late, but also to provide their troubleshooting teams with pre-correlated causal data.

      (Read Full Article)

      Comment Mentions:   Analytics

    4. Excluding Frequent Occurrences for Smarter Anomaly Detection

      Explore Anomaly Detection Analytics (May 5 2015)

      Excluding Frequent Occurrences for Smarter Anomaly Detection

      In this article, we’ll discuss the rationale behind the ability to automatically exclude frequently observed entities from analysis and its applicability as an alternative to “whitelisting.”

      (Read Full Article)


    5. Anomaly Detection in Periodic Data

      Explore Anomaly Detection Analytics (Apr 10 2015)

      Anomaly Detection in Periodic Data

      This technique, combined with our probabilistic approach, ranks the level of “anomalousness” of a situation by the probability of its occurring. This enables not only accurate anomaly detection but also scores those anomalies on a normalized scale between 0 and 100, allowing proactive alerting on only the most unlikely situations.

      (Read Full Article)

      Comment Mentions:   Prelert

    6. What’s in Store for the Future of IT Security & Machine Learning?

      Explore Anomaly Detection Analytics (Mar 23 2015)

      What’s in Store for the Future of IT Security & Machine Learning?

      Before Bill Stangel was Senior Vice President of Strategy and Architecture at Fidelity Investments, he served as the Chief Enterprise Architect for Raytheon and advisory board member for Netezza. We sat down with Bill to pick his brain about the future of IT security and machine learning.

      (Read Full Article)

      Comment Mentions:   IT Security

    7. Analyze bigger data with summarized input

      Explore Anomaly Detection Analytics (Mar 17 2015)

      Analyze bigger data with summarized input

      The benefits of a smaller data size would be proportionally much greater if the summarization work was being distributed across a cluster of machines running a big data store such as Hadoop, Riak or Elasticsearch. But even this tiny example demonstrates the point and it’s one you can try on your own computer if you download an evaluation version of Prelert's Anomaly Detective Engine API (http://www.prelert.com/reg/anomaly-detective-engine-api.html)

      (Read Full Article)


    8. Just "ML" the Sucker!

      Explore Anomaly Detection Analytics (Mar 10 2015)

      Just "ML" the Sucker!

      A recent blog post by Gartner Analyst Dr. Anton Chuvakin caught my attention. Titled “SIEM / DLP Add-on Brain?”, it mentions that “we now [have] a decent number of vendors that offer, essentially, an add-on brain for your SIEM.” We think Dr. Chuvakin is being a little harsh on the SIEM tools, implying they don’t have a brain.

      (Read Full Article)

      Comment Mentions:   Prelert   Gartner   IT Security

    9. Distilling Alert Noise to Find Real Problems

      Explore Anomaly Detection Analytics (Mar 4 2015)

      Distilling Alert Noise to Find Real Problems

      Whether your concern is IT security or APM/operations, it is highly likely that you are dealing with way more alarms than you have the resources to follow up on. Even modest sized organizations today are dealing with such overwhelming volumes of alerts that they aren't even sure what percentage are false positives. Alert fatigue is one of the biggest drivers behind investigations of advanced analytics for operations and security.

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics

    10. Slow Attack Detection

      Explore Anomaly Detection Analytics (Mar 3 2015)

      Slow Attack Detection

      Detecting “brute force” attacks is a very common and obvious approach to identifying those users who are attempting to “break in” using high-velocity attempts across many combinations of authentication credentials. But what about the opposite situation: an attempt to gain access via slow but pervasive attempts at authenticating, while keeping “below the radar” and avoiding failed-authentication lock-out schemes?

      (Read Full Article)
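      The contrast described above, as an added example that is not Prelert's code and not taken from the article: a classic lockout-style rule (failures per source in a short window) beside a long-window detector that tracks what a patient attacker cannot keep small, the running number of failures and of distinct target accounts per source. The log format, window sizes, thresholds and the sample events are assumptions constructed for this example.

```python
"""Low-and-slow authentication-failure detection over constructed auth logs.

Added example, not Prelert's code. A lockout or brute-force rule counts
failures per source inside a short window; an attacker who spaces attempts out
stays under it indefinitely. The second detector below keeps a much longer
window per source and looks at what the slow attacker cannot hide: the running
number of failures and of distinct target accounts. Log format, window sizes,
and thresholds are assumptions chosen for the sample data.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

BURST_WINDOW = timedelta(minutes=10)   # assumption: lockout policy window
BURST_LIMIT = 5                        # assumption: failures allowed per window
SLOW_WINDOW = timedelta(days=7)        # assumption: long-horizon window
SLOW_FAIL_LIMIT = 20                   # assumption: suspicious failure total over SLOW_WINDOW
SLOW_USER_LIMIT = 10                   # assumption: distinct accounts tried from one source


def constructed_log():
    """Constructed sample (not real data), one 'timestamp user src result' per line."""
    fmt = "%Y-%m-%dT%H:%M:%S"
    t0 = datetime(2015, 3, 1)
    lines = []
    # Noisy brute force: six failures in six seconds, caught by the lockout rule.
    for i in range(6):
        lines.append(f"{t0 + timedelta(seconds=i):{fmt}} alice 10.0.0.5 FAIL")
    # Ordinary user: two typos, then success.
    for m, result in ((0, "FAIL"), (1, "FAIL"), (2, "OK")):
        lines.append(f"{t0 + timedelta(hours=9, minutes=m):{fmt}} bob 192.0.2.9 {result}")
    # Low and slow: one failure every three hours for three days, rotating
    # through twelve accounts, never two failures inside one lockout window.
    for i in range(24):
        lines.append(f"{t0 + timedelta(hours=3 * i):{fmt}} user{i % 12} 198.51.100.7 FAIL")
    return "\n".join(lines)


def parse_log(text):
    """Parse the constructed format into (timestamp, user, src, result), time-ordered."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, src, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"), user, src, result))
    events.sort()
    return events


def burst_sources(events):
    """Classic rule: more than BURST_LIMIT failures from one source inside BURST_WINDOW."""
    flagged = set()
    recent = defaultdict(deque)
    for ts, _user, src, result in events:
        if result != "FAIL":
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > BURST_WINDOW:   # drop failures that aged out of the window
            q.popleft()
        if len(q) > BURST_LIMIT:
            flagged.add(src)
    return flagged


def slow_sources(events, ignore=()):
    """Sources that accumulate many failures, or failures against many distinct
    accounts, over SLOW_WINDOW. Returns {src: (failures, distinct_users)} as of
    the last event seen from that source."""
    flagged = {}
    recent = defaultdict(deque)
    for ts, user, src, result in events:
        if result != "FAIL" or src in ignore:
            continue
        q = recent[src]
        q.append((ts, user))
        while q and ts - q[0][0] > SLOW_WINDOW:
            q.popleft()
        fails, users = len(q), len({u for _, u in q})
        if fails >= SLOW_FAIL_LIMIT or users >= SLOW_USER_LIMIT:
            flagged[src] = (fails, users)
    return flagged


def detect(text=None):
    """Run both detectors; the slow view ignores sources the burst rule already caught."""
    events = parse_log(constructed_log() if text is None else text)
    burst = burst_sources(events)
    return {"burst": burst, "slow": slow_sources(events, ignore=burst)}


if __name__ == "__main__":
    print(detect())
```

      Running it flags 10.0.0.5 under the burst rule only and 198.51.100.7 under the slow rule only: that source never has two failures inside a ten-minute window, so no lockout fires, yet it has 24 failures across 12 accounts in three days. The obvious evasion is to spread the slow attempts across many source addresses; the same sliding-window count keyed by target account instead of source catches that variant.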


    11. John O’Donnell Joins Prelert as CFO to Support Company’s Accelerated Growth Strategy

      Explore businesswire.com (Feb 10 2015)

      John O’Donnell has joined Prelert, the leading provider of machine learning anomaly detection, as Chief Financial Officer. In this role, he will manage all financial, legal, human resources and administrative operations, working directly with Prelert’s senior management team to drive growth and success in each area. With more than 20 years of industry experience, O’Donnell most recently served as CFO of Aveksa, a leading provider of business-driven identity and access management software. While there, he built a global finance and administration organization to support the company’s dynamic growth, leading to its eventual acquisition by EMC Corporation. 

      (Read Full Article)

      Comment Mentions:   CA Technologies   Mark Jaffe

    12. Today's IT Challenges Require Advanced Analytics

      Explore Anomaly Detection Analytics (Feb 4 2015)

      Today's IT Challenges Require Advanced Analytics

      In both IT security and operations, a common complaint is the overwhelming "noise" of largely false positive alerts generated by problematic detection systems. In both cases as well, the lack of information contained in these alerts forces a diagnostic or investigative approach requiring humans to manually mine through huge volumes of data as they search for unusual behavior patterns that might not even be detectable by the human brain.

      (Read Full Article)

      Comment Mentions:   Analytics

    13. Data Breach Notification: You Need to “Know” Before You Can “Notify”

      Explore Anomaly Detection Analytics (Jan 26 2015)

      Data Breach Notification: You Need to “Know” Before You Can “Notify”

      Data breach notification is not simply a matter of “fessing up” when your customer’s data has been compromised. The devil is in the details. Before an organization can “notify” about a data breach, it first has to realize that something happened, figure out what happened, when it happened, what data was accessed, and which individuals were affected. In other words, the organization needs to “know” before it can “notify.”

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics   Breach

    14. Temporal vs. Population Anomaly Detection

      Explore Anomaly Detection Analytics (Jan 14 2015)

      Temporal vs. Population Anomaly Detection

      Some anomalous behaviors are temporal in nature (unusual with respect to that entity's own history) while others are population based (unusual relative to all other entities). But what are the differences between these two types of anomalies, and under what circumstances would you use one kind over the other? This blog discusses the details behind the analyses, their merits, and best practices based upon common rules of thumb.

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics

    15. Security Analytics Use Case: Finding Document Thieves

      Explore Anomaly Detection Analytics (Jan 6 2015)

      Security Analytics Use Case: Finding Document Thieves

      From time to time, document thieves may gain access to [institutional] accounts (probably through phishing attacks) and use them to access licensed material (journals, for instance) that only [authorized] users have access to.  These documents are often resold in a sort of intellectual property black market. The goal is to proactively detect these sorts of situations and quickly suspend the compromised accounts, rather than waiting to notice that the content is stolen...

      (Read Full Article)

      Comment Mentions:   Analytics
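      The two analyses from the temporal vs. population post above, applied to the document-thief case in this post, as an added example that is not Prelert's code and not from either article. Each user's latest daily download count is scored once against that user's own history (temporal) and once against every user's latest count (population), both with a robust z-score (median and MAD). The data, the threshold and the MAD floor are assumptions constructed for the example.

```python
"""Temporal vs. population anomaly detection on per-user daily download counts.

Added example, not Prelert's code. A compromised account that starts bulk
downloading is an outlier against its own past (temporal) and against its
peers (population). A legitimately heavy user is only the latter, which is why
the choice of analysis matters. Data, threshold and floor are assumptions.
"""
from statistics import median

Z_THRESHOLD = 3.0   # assumption: robust z beyond which a count is flagged
MIN_SCALE = 1.0     # assumption: counts are integers, so never treat a spread below one as zero

# Constructed sample (not real data): licensed-document downloads per user per
# day over eight days. The last column is the day under test.
DAILY_DOWNLOADS = {
    "alice":   [3, 2, 4, 3, 2, 3, 4, 410],          # compromised: far above own history and peers
    "bob":     [1, 0, 2, 1, 1, 0, 1, 2],
    "carol":   [5, 4, 6, 5, 5, 4, 6, 5],
    "dave":    [2, 3, 2, 2, 1, 3, 2, 3],
    "erin":    [0, 1, 0, 1, 0, 1, 1, 0],
    "frank":   [4, 3, 4, 5, 3, 4, 3, 4],
    "grace":   [2, 2, 1, 2, 3, 2, 2, 2],
    "library": [80, 85, 78, 82, 90, 79, 84, 88],    # legitimate bulk fetcher: unusual only vs peers
}


def robust_z(value, sample):
    """(value - median) / (1.4826 * MAD). MAD is floored so a flat history does
    not turn every one-unit change into an infinite score."""
    med = median(sample)
    mad = median([abs(x - med) for x in sample])
    scale = max(1.4826 * mad, MIN_SCALE)
    return (value - med) / scale


def temporal_scores(daily=DAILY_DOWNLOADS):
    """Each user's latest day against that user's earlier days."""
    return {u: robust_z(counts[-1], counts[:-1]) for u, counts in daily.items()}


def population_scores(daily=DAILY_DOWNLOADS):
    """Each user's latest day against every user's latest day."""
    today = {u: counts[-1] for u, counts in daily.items()}
    pool = list(today.values())
    return {u: robust_z(v, pool) for u, v in today.items()}


def classify(daily=DAILY_DOWNLOADS, threshold=Z_THRESHOLD):
    """Label each flagged user with the analyses that flagged it. Only the high
    side is tested: a drop in downloads is not the theft signal we want here."""
    t, p = temporal_scores(daily), population_scores(daily)
    out = {}
    for user in daily:
        labels = set()
        if t[user] > threshold:
            labels.add("temporal")
        if p[user] > threshold:
            labels.add("population")
        if labels:
            out[user] = labels
    return out


def suspected_compromises(daily=DAILY_DOWNLOADS):
    """Accounts unusual on both views: the ones to suspend first."""
    return sorted(u for u, labels in classify(daily).items() if labels == {"temporal", "population"})


if __name__ == "__main__":
    print(classify())
    print("suspend:", suspected_compromises())
```

      On the sample, alice is flagged by both views and library by the population view alone. Requiring both before suspending an account avoids locking out the legitimate heavy user, while a population-only check would have; a temporal-only check would miss an attacker who had been steadily bulk-downloading from the account since before the history window began.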

    16. Anomalies as Unexpected or Rare Events by Time of Day

      Explore Anomaly Detection Analytics (Dec 31 2014)

      Anomalies as Unexpected or Rare Events by Time of Day

      This discussion deals with the uniqueness of an event occurring at a specific time, such as a user logging in at an unexpected time of day for that user...

      (Read Full Article)

      Comment Mentions:   Prelert
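      The "rare event by time of day" idea in this post and the probability-to-score mapping described in the "Anomaly Detection in Periodic Data" post above, as one added example that is not Prelert's code (Prelert's own scoring is not described on this page). Both cases bucket history by hour of day: a login hour is scored by how rarely that user has logged in at that hour, and a metric value by how far it sits from the baseline for that hour, and both probabilities pass through the same 0 to 100 mapping. The smoothing constant, the score mapping, the Gaussian tail model and the sample data are assumptions.

```python
"""Probability-based anomaly scores for (a) a login at an unusual hour for a
given user and (b) a metric value that is unusual for its hour of day.

Added example, not Prelert's code. Both cases bucket history by hour of day,
turn the observation into a probability, and map that probability onto a
0..100 score with one shared function, so the two kinds of anomaly are
comparable. Smoothing constant, score mapping and sample data are assumptions.
"""
import math
from collections import Counter, defaultdict
from statistics import mean, pstdev

ALPHA = 0.5            # assumption: additive smoothing; an unseen hour is rare, not impossible
MAX_NEG_LOG10 = 6.0    # assumption: p <= 1e-6 saturates the score at 100
PERIOD = 24            # hour-of-day periodicity


def anomaly_score(p):
    """Map probability p onto 0..100 via -log10(p), clipped at MAX_NEG_LOG10."""
    if p <= 0.0:
        return 100.0
    return min(100.0, 100.0 * -math.log10(p) / MAX_NEG_LOG10)


# (a) Rare event by time of day, per user -----------------------------------
def login_hour_probability(history_hours, hour, alpha=ALPHA):
    """P(this user logs in at `hour`), estimated from that user's own logins."""
    profile = Counter(history_hours)
    return (profile[hour] + alpha) / (len(history_hours) + PERIOD * alpha)


def login_score(history_hours, hour):
    return anomaly_score(login_hour_probability(history_hours, hour))


# Constructed history (not real data): 30 logins for one user, all in working hours.
ALICE_HOURS = [8] * 12 + [9] * 14 + [10] * 3 + [13]


# (b) Periodic metric -------------------------------------------------------
def periodic_baseline(series, period=PERIOD):
    """Per-phase (mean, std) for a series sampled once per step."""
    buckets = defaultdict(list)
    for i, v in enumerate(series):
        buckets[i % period].append(v)
    return {k: (mean(vs), pstdev(vs)) for k, vs in buckets.items()}


def metric_score(baseline, phase, value, min_std=1.0):
    """Two-sided Gaussian tail probability of `value` within its phase, as a score.
    min_std is an assumption that keeps a flat history from scoring every change 100."""
    mu, sd = baseline[phase]
    z = abs(value - mu) / max(sd, min_std)
    return anomaly_score(math.erfc(z / math.sqrt(2)))


def constructed_hourly_series(days=14):
    """Constructed request counts (not real data): a daily cycle peaking at noon
    plus bounded, deterministic noise so the example is reproducible."""
    out = []
    for i in range(days * PERIOD):
        h = i % PERIOD
        daily = 100 + 80 * math.sin(2 * math.pi * (h - 6) / PERIOD)
        out.append(daily + (i * 7) % 17 - 8)
    return out


def demo():
    base = periodic_baseline(constructed_hourly_series())
    return {
        "login_at_9": login_score(ALICE_HOURS, 9),
        "login_at_3": login_score(ALICE_HOURS, 3),
        "login_at_3_more_history": login_score(ALICE_HOURS * 10, 3),
        "93_requests_at_3am": metric_score(base, 3, 93),
        "43_requests_at_3am": metric_score(base, 3, 43),
        "180_requests_at_noon": metric_score(base, 12, 180),
    }


if __name__ == "__main__":
    for name, score in demo().items():
        print(f"{name:26s} {score:6.1f}")
```

      Two things the scores show that a fixed threshold cannot: 93 requests at 3 AM scores 100 while 180 at noon scores near zero, because the baseline is per hour of day rather than global; and a 3 AM login for a user with 300 daytime logins scores higher than the same login against 30, because the smoothed probability shrinks as the evidence that this user never works nights grows.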

    17. The Secrets to Successful Data Mining

      Explore Anomaly Detection Analytics (Dec 16 2014)

      The Secrets to Successful Data Mining

      Today's IT environments are so complex that IT and DevOps teams cannot reasonably set thresholds and alerts across all meaningful metrics. Even the much-touted best practice of employing standard deviations fails when the actual distribution of values is not Gaussian. Trying to manually define anomalies in increasingly complex systems can result in a deluge of false alerts that waste your IT team's valuable time. In fact, in a random sampling of Splunk users, almost half did not bother setting thresholds for fear of creating additional "alert noise." Scary, huh?

      (Read Full Article)

      Comment Mentions:   Enterprise Management Associates

    18. Why IT Security Teams Need Machine Learning

      Explore Anomaly Detection Analytics (Dec 12 2014)

      Why IT Security Teams Need Machine Learning

      It turns out that finding anomalies in huge volumes of data is exactly what Big Data analytics approaches, such as unsupervised machine learning, are good at...

      (Read Full Article)


  1. Recent Articles for IT Ops & APM

    1. Application performance management should take design lessons from the smartphone industry

      Explore itworldcanada.com (Jun 29 2015)

      In the application economy, the way to improve APM is better design, “and design is more than just making it pretty,” said Kline. “You see that in the phone industry. They are winning by paying attention to design in software and hardware. That needs to be applied to APM.”

      (Read Full Article)

      Comment Mentions:   CA Technologies   Application Performance Management   APM

    2. What the Dynatrace/Keynote merger means for APM

      Explore SD Times (Jun 26 2015)

      As DevOps and business stakeholders have grown more aware of and reliant upon the detailed data afforded organizations through application performance-management tools, this “cockpit,” as he described it, is the next evolution of the Application Performance Management space.

      (Read Full Article)

      Comment Mentions:   Application Performance Management   APM

    3. Performance Analytics is Key to PADS Framework

      Explore APMdigest (Jun 22 2015)

      For today’s loosely-coupled application architectures, the PADS Framework provides enterprises with a strategic approach to ensuring application performance and user experience. Studies have shown that across different industry sectors, companies taking a unified approach outperform their peer groups in achieving ROI and risk management objectives.

      (Read Full Article)

      Comment Mentions:   Application Performance Management   APM   SaaS

    4. Transaction-Centric NPM: Enabling IT/Business Collaboration

      Explore apmblog.dynatrace.com (Jun 19 2015)

      The rise of application-awareness (primarily in Application Aware Network Performance Monitoring – AA NPM – solutions, but also in device management offerings) has given IT varying degrees of insight into application behavior – and sometimes a degree of insight into application performance. However, without visibility into end-user experience, without a user transaction-centric starting point, these tools do little to foster the communication and collaboration...

      (Read Full Article)

      Comment Mentions:   Application Performance Management   Application Performance Monitoring

  2. Recent Articles for Security Analytics

    1. Big Security Breaches and How Big Data Can Prevent Them

      Explore EnterpriseNetworkingPlanet (Jun 29 2015)

      In 69 percent of cases, up from 63 percent in 2012, the victims were notified of the breach by an external entity. Let's say that again, just to be clear: The companies themselves did not discover the hack on their own. Clearly, detection is a challenge.

      (Read Full Article)

      Comment Mentions:   CIO   Big Data

    2. The behavior behind the breaches | WBJournal.com

      Explore WBJournal.com (Jun 25 2015)

      The corporate IT department is not just a security guard for increasingly valuable data, it must also keep the technology infrastructure up and running at all times so that data flows without interruption, enabling all to do their jobs.

      (Read Full Article)


    3. User behavior analytics: Conquering the human vulnerability factor

      Explore searchsecurity.techtarget.com (Jun 24 2015)

      What’s the difference between security analytics and user behavior analytics (UBA) tools? These identity-based technologies focus on individuals first, monitoring their interactions and building baseline profiles to compare with historical behaviors and that of their peer groups. Most of these platforms are designed to track every user, not just those deemed high risk.

      (Read Full Article)

      Comment Mentions:   IBM   Cisco   Oracle

    4. Unlocking Big Data Analytics Potential with Real-Time Mainframe Data

      Explore Syncsort blog (Jun 23 2015)

      Splunk® provides the leading software platform for real-time Operational Intelligence. Until recently, Splunk customers were unable to source real-time data from the mainframe as well, specifically IBM z/OS®. This means the top banks, insurers, retailers, telcos and healthcare providers that rely on IBM z/OS are likely missing the z/OS view from their Splunk applications. After all, up to 80% of corporate data from these companies originates on the mainframe. Mainframe users also have concerns around security. If data is being moved off the mainframe platform, it has to be encrypted and transported securely.

      (Read Full Article)

      Comment Mentions:   IBM   Big Data   Analytics

  3. Recent Articles for Big Data in IT

    1. Gartner: Big Data Is Pregnant with Analytics

      Explore Gartner Blog Network (Jun 23 2015)

      We are at the interesting point: big data time is over. It is now big data analytics time. Many organizations are at the point when they have figured out how to get data in Hadoop (or other big data stores), but not — how to get the data out and derive value from it.

      (Read Full Article)

      Comment Mentions:   Big Data   Hadoop   Analytics

    2. Gartner Perspectives on Hadoop

      Explore Gartner Blog Network (Jun 3 2015)

      Both for distribution vendors and for players in adjacent spaces, the opportunities lie in communicating the business value of their technology. As we move to mainstream buyers (and that is another way to read the Hype Cycle – broad adoption happens after the early adopters are in – and they are now), the buyers are not after technology, but business value. They think differently, and they buy differently...

      (Read Full Article)

      Comment Mentions:   Gartner   Big Data   Hadoop

    3. The Data Lake Debate: Conclusion

      Explore smartdatacollective.com (May 4 2015)

      On the one hand, the data lake presents a fresh and practical solution for easier data access, loading, cleansing, provisioning, and archiving, freeing companies from the yoke of traditional relational database systems and their accompanying processing and labor-intensive infrastructures.

      But on the other hand, the data lake is still only a component in an overall data ecosystem that includes data management and governance, quality and master data management solutions, and loading and provisioning standards. And, Anne insists, it need not include Hadoop.

      (Read Full Article)


    4. Big Data & The Security Skills Shortage

      Explore Dark Reading (Apr 29 2015)

      One issue is the hundreds or thousands of security incident alerts organizations receive every day -- the vast majority of which are not malicious activity or targeted attacks. Differentiating between true, targeted attacks and non-malicious incidents is extremely difficult unless security analysts are armed with the skills and tools they need to make them entry-level data scientists.

      (Read Full Article)

      Comment Mentions:   Big Data   Analytics

  4. Recent Articles for Machine Learning Analytics

    1. IoT Won’t Work Without Artificial Intelligence

      Explore Wired.com (Nov 13 2014)

      In an IoT situation, machine learning can help companies take the billions of data points they have and boil them down to what’s really meaningful. The general premise is the same as in the retail applications – review and analyze the data you’ve collected to find patterns or similarities that can be learned from, so that better decisions can be made.

      (Read Full Article)

      Comment Mentions:   Artificial Intelligence   Mark Jaffe

    2. Making Sense of IoT Data With Machine Learning Technologies - Forbes

      Explore forbes.com (Sep 4 2014)

      As companies embark on the long journey of harvesting large amounts of data from connected devices and sensors, the valuable insights hidden in the data are driving up costs and not adding to the bottom line. How can these companies get these insights to market faster while reducing the risk of project failure? One way is to leverage the expertise of companies whose core competency is machine learning. One interesting use case comes from Prelert, a self-described anomaly detection company...

      (Read Full Article)

      Comment Mentions:   Prelert

    3. Sophie Chang Named VP of Engineering at Prelert

      Explore businesswire.com (Aug 12 2014)

      Prelert, the anomaly detection company, today announced that it has hired Sophie Chang as Vice President of Engineering to lead its U.K.-based engineering team. In this role, Chang will be responsible for product development and managing all aspects of the team’s activities, helping to enhance Prelert’s machine learning-based anomaly detection engine. Chang brings more than ten years of senior executive experience to her new role, most notably through her time as VP Software at 1E, a fast-growing and successful B2B IT efficiency software company. She was responsible for growing its technology team from two people to ...

      (Read Full Article)

      Comment Mentions:   Prelert   Mark Jaffe   Dr. Steve

    4. How Machine Learning Is Improving Computer Security

      Explore smartdatacollective.com (Jul 27 2014)

      The machine learning approach has a major advantage over the more traditional way of threat detection. With the traditional way, systems had to look for signatures that had already been determined to be a threat. Once these signatures were identified within a network, the system would have to either stop it from further infiltration, or eliminate it. This method has some rather obvious weaknesses, the main one being its non-predictive nature. Machine learning is able to address this major weakness by looking through data for certain patterns and signals, thus predicting future attacks and preventing them, letting the system stay ...

      (Read Full Article)


  5. Recent Articles

    1. “EPIC” fail—how OPM hackers tapped the mother lode of espionage data

      Explore Ars Technica (Jun 22 2015)

      Government officials have been vague in their testimony about the data breaches—there was apparently more than one—at the Office of Personnel Management. But on Thursday, officials from OPM, the Department of Homeland Security, and the Department of the Interior revealed new information that indicates at least two separate systems were compromised by attackers within OPM's and Interior's networks.

      (Read Full Article)

      Comment Mentions:   Microsoft   CIO   SAP

    2. Detecting Upatre variants using Security Analytics

      Explore Welcome (Jun 18 2015)

      Since it was first spotted in August 2013, Upatre has been evolving dramatically making it harder for analysts to detect it and to understand the communication between an infected system and the command and control server. In this blog post, we will discuss multiple ways to detect different variants of Upatre...

      (Read Full Article)

      Comment Mentions:   Analytics

    3. Evaluating Big Data Security Analytics Solutions

      Explore World's Largest Professional Network (Jun 16 2015)

      This article covers a good spectrum of technical topics about evaluating a big data security analytics solution.  The actual evaluation criteria will be different from enterprise to enterprise as enterprises’ environments, requirements, and priorities are different.  But the issues covered here should provide a good foundation to start drafting your evaluation criteria and POC requirements.

      (Read Full Article)

      Comment Mentions:   Microsoft   Big Data   Analytics

    4. Gartner Security Summit Recap

      Explore Platfora (Jun 12 2015)

      Gartner predicts a bright future for the adoption and opportunities of big data analytics for security, and the firm is positioning it as an essential in any enterprise security toolkit. Big data analytics, especially security analytics is no longer just heating up—it’s hot.

      (Read Full Article)

      Comment Mentions:   Gartner   Big Data   Analytics
