1. Prelert Blog

    1. Partitioning vs. "Split By" Clause in Anomaly Detection

      Explore Anomaly Detection Analytics (Jul 21 2015)

      Partitioning vs. "Split By" Clause in Anomaly Detection

      Use of either “partition field” or “by field” allows segmentation of the analysis along instances of a categorical field so that you can expand the analysis and get individual treatment for each instance. A "by field" analysis will tend to pick out times when many time series are behaving oddly and "partition field" will tend to pick out times when even only one is behaving very oddly.

      (Read Full Article)

      Comment

    2. Splunk search quirks and edge cases

      Explore Anomaly Detection Analytics (Jul 13 2015)

      Splunk search quirks and edge cases

      If you're planning to write any complex custom search commands of your own then here are a few insights you might find helpful.

      (Read Full Article)

      Comment

    3. Optimizing Anomaly Detection LookBack with maxSeachBuckets

      Explore Anomaly Detection Analytics (Jul 6 2015)

      Optimizing Anomaly Detection LookBack with maxSeachBuckets

      A handy feature of Anomaly Detective’s real-time search configuration is the option to invoke “LookBack” - a capability that will “backfill” historical data to help build some historical baseline analysis before deploying anomaly searches ongoing. You can use the following method to optimize the speed at which LookBack runs and completes.

      (Read Full Article)

      Comment Mentions:   IT Security

    4. Your next digital security guard should be more like RoboCop

      Explore Anomaly Detection Analytics (Jun 24 2015)

      Your next digital security guard should be more like RoboCop

      Humans are clearly incapable of monitoring and identifying every threat on today’s vast and complex networks using traditional security tools. We need to enhance human capabilities by augmenting them with machine intelligence. Mixing man and machine – in some ways, similar to what OmniCorp did with RoboCop – can heighten our ability to identify and stop a threat before it’s too late. The “dumb” tools that organizations rely on today are simply ineffective.

      (Read Full Article)

      Comment Mentions:   Will Cappelli   Gartner   Analytics

    5. Data interchange formats and performance

      Explore Anomaly Detection Analytics (May 26 2015)

      Data interchange formats and performance

      When two programs need to exchange data they need to agree a common format for the data in transit.  This could be a binary format, or it could be some sort of human readable text. What follows is a look at the performance implications of the chosen format and the way it's parsed at the receiving end of the link, specifically focusing on high volume back-end C++ programs.

      (Read Full Article)

      Comment

    6. Bringing Alert Management into the Present with Advanced Analytics

      Explore Anomaly Detection Analytics (May 12 2015)

      Bringing Alert Management into the Present with Advanced Analytics

      Despite producing huge volumes of alerts, rules and thresholds implementations often miss problems or report them long after the customer has experienced the impact. The fear of generating even more alerts forces monitoring teams to select fewer KPIs, thus decreasing the likelihood of detection. Problems that slowly approach thresholds go unnoticed until user experience is already impacted. Adopting this advanced analytics approach empowers enterprises to not only identify problems that rules and thresholds miss or simply execute against too late, but also provide their troubleshooting teams with pre-correlated causal data.

      (Read Full Article)

      Comment Mentions:   Analytics

    7. Excluding Frequent Occurrences for Smarter Anomaly Detection

      Explore Anomaly Detection Analytics (May 5 2015)

      Excluding Frequent Occurrences for Smarter Anomaly Detection

      In this article, we’ll discuss the rationale behind the ability to automatically exclude frequently observed entities from analysis and it’s applicability as an alternative to “whitelisting.'

      (Read Full Article)

      Comment

    8. Anomaly Detection in Periodic Data

      Explore Anomaly Detection Analytics (Apr 10 2015)

      Anomaly Detection in Periodic Data

      This technique, combined with our probabilistic approach - ranks the level of “anomalousness” of the situation based upon the probability of it occurring. This enables not only accurate anomaly detection, but scores those anomalies on a normalized scale between 0 and 100, allowing for proactive alerting for only the most unlikely situations

      (Read Full Article)

      Comment Mentions:   Prelert

    9. What’s in Store for the Future of IT Security & Machine Learning?

      Explore Anomaly Detection Analytics (Mar 23 2015)

      What’s in Store for the Future of IT Security & Machine Learning?

      Before Bill Stangel was Senior Vice President of Strategy and Architecture at Fidelity Investments, he served as the Chief Enterprise Architect for Raytheon and advisory board member for Netezza. We sat down with Bill to pick his brain about the future of IT security and machine learning.

      (Read Full Article)

      Comment Mentions:   IT Security

    10. Analyze bigger data with summarized input

      Explore Anomaly Detection Analytics (Mar 17 2015)

      Analyze bigger data with summarized input

      The benefits of a smaller data size would be proportionally much greater if the summarization work was being distributed across a cluster of machines running a big data store such as Hadoop , Riak or Elasticsearch . But even this tiny example demonstrates the point and it’s one you can try on your own computer if you download an evaluation version of Prelert's Anomaly Detective Engine API  (http://www.prelert.com/reg/anomaly-detective-engine-api.html)

      (Read Full Article)

      Comment

    11. Just "ML" the Sucker!

      Explore Anomaly Detection Analytics (Mar 10 2015)

      Just "ML" the Sucker!

      A recent blog post by Gartner Analyst Dr. Anton Chuvakin caught my attention.  Titled 'SIEM/ DLP Add-on Brain?,' it mentions that “we now [have] a decent number of vendors that offer, essentially, an add-on brain for your SIEM.” We think Dr. Chuvakin is being a little harsh on the SIEM tools, implying they don’t have a brain.

      (Read Full Article)

      Comment Mentions:   Prelert   Gartner   IT Security

    12. Distilling Alert Noise to Find Real Problems

      Explore Anomaly Detection Analytics (Mar 4 2015)

      Distilling Alert Noise to Find Real Problems

      Whether your concern is IT security or APM/operations, it is highly likely that you are dealing with way more alarms than you have the resources to follow up on. Even modest sized organizations today are dealing with such overwhelming volumes of alerts that they aren't even sure what percentage are false positives. Alert fatigue is one of the biggest drivers behind investigations of advanced analytics for operations and security.

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics

    13. Slow Attack Detection

      Explore Anomaly Detection Analytics (Mar 3 2015)

      Slow Attack Detection

      Detecting “brute force” attacks is a very common and obvious approach to identifying those users who are attempting to “break-in” using high-velocity, high-combinations of authentication credentials. But what about the opposite situation - an attempt to gain access via slow, but pervasive attempts at authenticating while keeping “below the radar” and avoiding potential failed authentication lock-out schemes?

      (Read Full Article)

      Comment

    14. John O’Donnell Joins Prelert as CFO to Support Company’s Accelerated Growth Strategy

      Explore businesswire.com (Feb 10 2015)

      John O’Donnell has joined Prelert, the leading provider of machine learning anomaly detection, as Chief Financial Officer. In this role, he will manage all financial, legal, human resources and administrative operations, working directly with Prelert’s senior management team to drive growth and success in each area. With more than 20 years of industry experience, O’Donnell most recently served as CFO of Aveksa, a leading provider of business-driven identity and access management software. While there, he built a global finance and administration organization to support the company’s dynamic growth, leading to its eventual acquisition by EMC Corporation. 

      (Read Full Article)

      Comment Mentions:   CA Technologies   Mark Jaffe

    15. Today's IT Challenges Require Advanced Analytics

      Explore Anomaly Detection Analytics (Feb 4 2015)

      Today's IT Challenges Require Advanced Analytics

      In both IT security and operations, a common complaint is the overwhelming "noise" of largely false positive alerts generated by problematic detection systems. In both cases as well, the lack of information contained in these alerts forces a diagnostic or investigative approach requiring humans to manually mine through huge volumes of data as they search for unusual behavior patterns that might not even be detectable by the human brain.

      (Read Full Article)

      Comment Mentions:   Analytics

    16. Data Breach Notification: You Need to “Know” Before You Can “Notify”

      Explore Anomaly Detection Analytics (Jan 26 2015)

      Data Breach Notification: You Need to “Know” Before You Can “Notify”

      Data breach notification is not simply a matter of “fessing up” when your customer’s data has been compromised. The devil is in the details. Before an organization can “notify” about a data breach, it first has to realize that something happened, figure out what happened, when it happened, what data was accessed, and which individuals were affected. In other words, the organization needs to “know” before it can “notify.”

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics   Breach

    17. Temporal vs. Population Anomaly Detection

      Explore Anomaly Detection Analytics (Jan 14 2015)

      Temporal vs. Population Anomaly Detection

      Some anomalous behaviors are temporal in nature (with respect to time) while others are population based (all others). But, what are the differences between these two types of anomalies and under what circumstances would you use one kind over the other? This blog discusses the details behind the analyses, their merits, and best practices based upon common rules of thumb.

      (Read Full Article)

      Comment Mentions:   IT Security   Analytics

    18. Security Analytics Use Case: Finding Document Thieves

      Explore Anomaly Detection Analytics (Jan 6 2015)

      Security Analytics Use Case: Finding Document Thieves

      From time to time, document thieves may gain access to [institutional] accounts (probably through phishing attacks) and use them to access licensed material (journals, for instance) that only [authorized] users have access to.  These documents are often resold in a sort of intellectual property black market. The goal is to proactively detect these sorts of situations and quickly suspend the compromised accounts, rather than waiting to notice that the content is stolen...

      (Read Full Article)

      Comment Mentions:   Analytics

  1. Recent Articles for IT Ops & APM

    1. Current Enterprise Application Monitoring Tools Often Siloed and Underutilized by IT Organizations, Reports New Research

      Explore Digital Journal (Jul 15 2015)

      EMA’s 2015 APM Tools Survey indicated that the lack of application-focused solutions appears to contribute to current IT challenges, with IT teams often trying to manage modern, complex applications with siloed tools and primarily manual processes.

      (Read Full Article)

      Comment Mentions:   Application Performance Management   APM   Enterprise Management Associates

    2. Technical Glitches and Slowdowns

      Explore Yahoo! Finance (Jul 9 2015)

      40 percent of those surveyed say they would trial a new app if it promised to deliver a more convenient shopping experience.

      (Read Full Article)

      Comment Mentions:   APM

    3. Transaction-Centric NPM: Enabling IT Operations/Development Collaboration

      Explore apmblog.dynatrace.com (Jul 8 2015)

      The answer is something more than a session-layer response time measurement, that ubiquitous metric present in virtually all AA NPM solutions since the late 1990s. These very basic measurements summarize all request/response timings on a given TCP connection without differentiating between transaction types, unfortunately and unavoidably mixing 10 millisecond queries with 15 second reports. While the label – “Application response time” – may sound promising, the measurements themselves are relatively unactionable in real life. Armed with this measurement, the information you are able to pass to the development team is only slightly more interesting than saying “my network tool says your ...

      (Read Full Article)

      Comment Mentions:   Application Performance Management   Oracle   SAP

    4. Transaction-Centric NPM: Enabling IT/Business Collaboration

      Explore apmblog.dynatrace.com (Jun 30 2015)

      A transaction-centric approach separates transactions into different measurement buckets; no longer is a 25-second report averaged with hundreds of 20 millisecond queries. The business context becomes immediately clear, along with transaction-specific performance breakdowns that immediately isolate the fault domain for the failing transaction

      (Read Full Article)

      Comment Mentions:   Application Performance Management   Outage

  2. Recent Articles for Security Analytics

    1. Big Data Security Analytics: Making the Impossible Possible

      Explore Niara (Jul 16 2015)

      Getting this higher order of information can be challenging. The building blocks for this information are already there, but buried in the log, flow, packet, file, alert and threat feed data that’s all over an organization. But remember we are talking about sophisticated threats, which routinely circumvent perimeter defenses. Uncovering them is no easy feat. For example, in a multi-stage attack, each action alone may not rise to the level of an alert, but the end result can be disastrous. Marrying big data with machine learning can help address this challenge

      (Read Full Article)

      Comment Mentions:   Big Data   Analytics

    2. Meeting the increasing security threat head-on with Operational Intelligence

      Explore Splunk Blogs (Jul 15 2015)

      There was a clear correlation between OI maturity and the concern about IT security threats. The greater the level of OI maturity and hence IT insight, the greater the awareness an organisation had of security threats.

      (Read Full Article)

      Comment

    3. Is Behavior-Based Analytics the Final Layer of our Security Defenses?

      Explore Security Bloggers Network (Jul 14 2015)

      The final layer of an organization’s security defense depends directly on ability of security monitoring systems to detect anomalous or risky behaviors of “things”, including, protocols, executables, users, applications, hosts, and domains, to name some of the more obvious “things” for which anomalous behavior could good indicator of compromise...

      (Read Full Article)

      Comment Mentions:   Analytics

    4. Cybersecurity Lessons from W. Edwards Deming

      Explore Network World (Jul 14 2015)

      Process problems are the biggest bottleneck to strong cybersecurity so CISOs must address these issues before layering on additional technology...

      (Read Full Article)

      Comment

  3. Recent Articles for Big Data in IT

    1. Gartner: Big Data Is Pregnant with Analytics

      Explore Gartner Blog Network (Jun 23 2015)

      We are at the interesting point: big data time is over. It is now big data analytics time. Many organizations are at the point when they have figured out how to get data in Hadoop (or other big data stores), but not — how to get the data out and derive value from it.

      (Read Full Article)

      Comment Mentions:   Big Data   Hadoop   Analytics

    2. Gartner Perspectives on Hadoop

      Explore Gartner Blog Network (Jun 3 2015)

      Both for distribution vendors and for players in adjacent spaces, the opportunities lie in communicating the business value of their technology. As we move to mainstream buyers (and that is another way to read the Hype Cycle – broad adoption happens after the early adopters are in – and they are now), the buyers are not after technology, but business value. They think differently, and they buy differently...

      (Read Full Article)

      Comment Mentions:   Gartner   Big Data   Hadoop

    3. The Data Lake Debate: Conclusion

      Explore smartdatacollective.com (May 4 2015)

      On the one hand, the data lake presents a fresh and practical solution for easier data access, loading, cleansing, provisioning, and archiving, freeing companies from the yoke of traditional relational database systems and their accompanying processing and labor-intensive infrastructures.

      But on the other hand, the data lake is still only a component in an overall data ecosystem that includes data management and governance, quality and master data management solutions, and loading and provisioning standards. And, Anne insists, it need not include Hadoop.

      (Read Full Article)

      Comment

    4. Big Data & The Security Skills Shortage

      Explore Dark Reading (Apr 29 2015)

      One issue is the hundreds or thousands of security incident alerts organizations receive every day -- the vast majority of which are not malicious activity or targeted attacks. Differentiating between true, targeted attacks and non-malicious incidents is extremely difficult unless security analysts are armed with the skills and tools they need to make them entry-level data scientists.

      (Read Full Article)

      Comment Mentions:   Big Data   Analytics

  4. Recent Articles for Machine Learning Analytics

    1. IoT Won’t Work Without Artificial Intelligence

      Explore Wired.com (Nov 13 2014)

      In an IoT situation, machine learning can help companies take the billions of data points they have and boil them down to what’s really meaningful. The general premise is the same as in the retail applications – review and analyze the data you’ve collected to find patterns or similarities that can be learned from, so that better decisions can be made.

      (Read Full Article)

      Comment Mentions:   Artificial Intelligence   Mark Jaffe

    2. Making Sense of IoT Data With Machine Learning Technologies - Forbes

      Explore forbes.com (Sep 4 2014)

      As companies embark on the long journey of harvesting large amounts of data from connected devices and sensors, the valuable insights hidden in the data are driving up costs and not adding to the bottom line. How can these companies get these insights to market faster while reducing the risk of project failure? One way is to leverage the expertise of companies whose core competency is machine learning. One interesting use case comes from Prelert, a self-described anomaly detection company...

      (Read Full Article)

      Comment Mentions:   Prelert

    3. Sophie Chang Named VP of Engineering at Preler

      Explore businesswire.com (Aug 12 2014)

      Prelert , the anomaly detection company, today announced that it has hired Sophie Chang as Vice President of Engineering to lead its U.K.-based engineering team. In this role, Chang will be responsible for product development and managing all aspects of the team’s activities, helping to enhance Prelert’s machine learning-based anomaly detection engine. Chang brings more than ten years of senior executive experience to her new role, most notably through her time as VP Software at 1E, a fast-growing and successful B2B IT efficiency software company. She was responsible for growing its technology team from two people to ...

      (Read Full Article)

      Comment Mentions:   Prelert   Mark Jaffe   Dr. Steve

    4. How Machine Learning Is Improving Computer Security

      Explore smartdatacollective.com (Jul 27 2014)

      The machine learning approach has a major advantage over the more traditional way of threat detection. With the traditional way, systems had to look for signatures that had already been determined to be a threat. Once these signatures were identified within a network, the system would have to either stop it from further infiltration, or eliminate it. This method has some rather obvious weaknesses, the main one being its non-predictive nature. Machine learning is able to address this major weakness by looking through data for certain patterns and signals, thus predicting future attacks and preventing them, letting the system stay ...

      (Read Full Article)

      Comment

  5. Recent Articles

    1. 3 dominant trends that will drive cloud security in the coming years

      Explore Information Age (Jul 12 2015)

      CIOs are now moving their focus from preventing a breach to accepting it and the requirement for fast detection, analytics and identifying vulnerabilities before they are exploited.

      (Read Full Article)

      Comment Mentions:   Google   Microsoft   Amazon

    2. Cyber Attack on Power Grid Could Top $1 Trillion in Damage

      Explore securityweek.com (Jul 10 2015)

      In the advent of a major cyber-attack against the United States power grid, people could conceivably die as health and safety systems fail, business come to a standstill, and transportation networks stop working. An insurance company calculated such an attack would cause between $243 billion to more than $1 trillion in economic damage .

      (Read Full Article)

      Comment Mentions:   IT Security

    3. Five Common Myths of Big Data and Analytics Solutions

      Explore The Storage Chap (Jul 9 2015)

      If you mine the right data, using proven processes, with skilled data scientists and with an industrial or an enterprise ready platform the results can be very apparent.

      (Read Full Article)

      Comment Mentions:   CIO   Big Data   Hadoop

    4. Six criteria for procuring security analytics software

      Explore searchsecurity.techtarget.com (Jul 7 2015)

      Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs.

      (Read Full Article)

      Comment Mentions:   Microsoft   Cisco   Dell

  6. Recent Comments