1. Prelert Blog

    1. What’s in Store for the Future of IT Security & Machine Learning?

      Explore Anomaly Detection Analytics (Mar 23 2015)

      Before Bill Stangel was Senior Vice President of Strategy and Architecture at Fidelity Investments, he served as the Chief Enterprise Architect for Raytheon and advisory board member for Netezza. We sat down with Bill to pick his brain about the future of IT security and machine learning.

      Comment Mentions:   IT Security

    2. Analyze bigger data with summarized input

      Explore Anomaly Detection Analytics (Mar 17 2015)

      The benefits of a smaller data size would be proportionally much greater if the summarization work was distributed across a cluster of machines running a big data store such as Hadoop, Riak or Elasticsearch. But even this tiny example demonstrates the point, and it is one you can try on your own computer if you download an evaluation version of Prelert's Anomaly Detective Engine API (http://www.prelert.com/reg/anomaly-detective-engine-api.html).


    3. Just "ML" the Sucker!

      Explore Anomaly Detection Analytics (Mar 10 2015)

      A recent blog post by Gartner Analyst Dr. Anton Chuvakin caught my attention.  Titled 'SIEM/ DLP Add-on Brain?,' it mentions that “we now [have] a decent number of vendors that offer, essentially, an add-on brain for your SIEM.” We think Dr. Chuvakin is being a little harsh on the SIEM tools, implying they don’t have a brain.

      Comment Mentions:   Prelert   Gartner   IT Security

    4. Distilling Alert Noise to Find Real Problems

      Explore Anomaly Detection Analytics (Mar 4 2015)

      Whether your concern is IT security or APM/operations, it is highly likely that you are dealing with far more alarms than you have the resources to follow up on. Even modest-sized organizations today are dealing with such overwhelming volumes of alerts that they aren't even sure what percentage are false positives. Alert fatigue is one of the biggest drivers behind investigations of advanced analytics for operations and security.

      Comment Mentions:   IT Security   Analytics

    5. Slow Attack Detection

      Explore Anomaly Detection Analytics (Mar 3 2015)

      Detecting “brute force” attacks is a very common and obvious approach to identifying users who are attempting to “break in” with high-velocity attempts across many combinations of authentication credentials. But what about the opposite situation: an attempt to gain access via slow but pervasive authentication attempts that stay “below the radar” and avoid failed-authentication lock-out schemes?

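The post above asks how to catch the slow attacker who never trips a per-account lock-out. The following is an added example, not code from the original post or from Prelert's products: it runs a classic per-account rate detector and a "low and slow" per-source detector side by side over a constructed authentication log. The log format, the assumed lock-out policy (5 failures per account in 15 minutes), the 24-hour look-back window, and the thresholds MIN_TOTAL_FAILS and MIN_DISTINCT_ACCOUNTS are all assumptions made for the example.

```python
"""Low-and-slow authentication attack detection (added example; not Prelert code).

Assumptions, none of which come from the original post: auth events are
whitespace-separated lines "ISO8601-timestamp source-ip username OK|FAIL";
the account lock-out policy is 5 failures per account within 15 minutes; the
"slow" detector looks at a 24-hour window per source and flags sources that
accumulate many failures across many distinct accounts while never tripping
the per-account lock-out. All thresholds below are hypothetical tuning knobs.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOCKOUT_FAILS = 5                    # per-account lock-out threshold (assumed policy)
LOCKOUT_WINDOW = timedelta(minutes=15)
LONG_WINDOW = timedelta(hours=24)    # how far back the slow detector looks
MIN_TOTAL_FAILS = 20                 # hypothetical: failures per source in LONG_WINDOW
MIN_DISTINCT_ACCOUNTS = 10           # hypothetical: accounts tried per source in LONG_WINDOW


def parse_line(line):
    """'2015-03-03T00:00:00 10.0.0.9 user00 FAIL' -> (datetime, src, user, outcome)."""
    ts, src, user, outcome = line.split()
    return datetime.fromisoformat(ts), src, user, outcome


def failures_by_source(lines):
    """Group failed attempts by source IP, in time order: {src: [(ts, user), ...]}."""
    by_src = defaultdict(list)
    for ts, src, user, outcome in sorted(parse_line(l) for l in lines):
        if outcome == "FAIL":
            by_src[src].append((ts, user))
    return by_src


def max_account_rate(fails):
    """Most failures any single account saw from this source inside LOCKOUT_WINDOW."""
    per_user = defaultdict(list)
    for ts, user in fails:               # fails is time-ordered, so each list is too
        per_user[user].append(ts)
    worst = 0
    for times in per_user.values():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > LOCKOUT_WINDOW:
                start += 1
            worst = max(worst, end - start + 1)
    return worst


def classic_brute_force(lines):
    """The usual detector: a source that trips the lock-out policy on some account."""
    return sorted(src for src, fails in failures_by_source(lines).items()
                  if max_account_rate(fails) >= LOCKOUT_FAILS)


def low_and_slow(lines):
    """Sources that stay under the lock-out rate on every account but, over
    LONG_WINDOW, fail against many accounts many times (password spraying)."""
    flagged = []
    for src, fails in failures_by_source(lines).items():
        if max_account_rate(fails) >= LOCKOUT_FAILS:
            continue                     # loud; the classic detector owns it
        window = deque()                 # failures from this source within LONG_WINDOW
        for ts, user in fails:
            window.append((ts, user))
            while ts - window[0][0] > LONG_WINDOW:
                window.popleft()
            accounts = {u for _, u in window}
            if len(window) >= MIN_TOTAL_FAILS and len(accounts) >= MIN_DISTINCT_ACCOUNTS:
                flagged.append(src)
                break
    return sorted(flagged)


def constructed_log():
    """Constructed sample, not real data: one legitimate user who mistypes twice,
    one classic brute-forcer, and one low-and-slow sprayer."""
    base = datetime(2015, 3, 3, 0, 0, 0)
    lines = []
    # 10.0.0.5: alice fails twice, then succeeds.
    for i, outcome in enumerate(["FAIL", "FAIL", "OK"]):
        lines.append(f"{(base + timedelta(hours=9, seconds=30 * i)).isoformat()} 10.0.0.5 alice {outcome}")
    # 10.0.0.7: eight failures against 'admin' in 80 seconds -> lock-out rate exceeded.
    for i in range(8):
        lines.append(f"{(base + timedelta(hours=10, seconds=10 * i)).isoformat()} 10.0.0.7 admin FAIL")
    # 10.0.0.9: 30 accounts, two tries each, one attempt every 20 minutes over 20 hours;
    # no account sees more than one failure in any 15-minute window.
    for i in range(60):
        lines.append(f"{(base + timedelta(minutes=20 * i)).isoformat()} 10.0.0.9 user{i % 30:02d} FAIL")
    return lines


if __name__ == "__main__":
    log = constructed_log()
    print("classic brute force:", classic_brute_force(log))   # ['10.0.0.7']
    print("low and slow       :", low_and_slow(log))          # ['10.0.0.9']
```

The sprayer in the sample never puts more than one failure on any account inside the lock-out window, so the classic detector is blind to it; it is only the per-source view over a long window (many failures, many distinct accounts) that exposes it. In practice the per-source key is weak against attackers rotating through many IPs, which is why the post frames this as a job for behavioural baselining rather than fixed thresholds.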

    6. John O’Donnell Joins Prelert as CFO to Support Company’s Accelerated Growth Strategy

      Explore businesswire.com (Feb 10 2015)

      John O’Donnell has joined Prelert, the leading provider of machine learning anomaly detection, as Chief Financial Officer. In this role, he will manage all financial, legal, human resources and administrative operations, working directly with Prelert’s senior management team to drive growth and success in each area. With more than 20 years of industry experience, O’Donnell most recently served as CFO of Aveksa, a leading provider of business-driven identity and access management software. While there, he built a global finance and administration organization to support the company’s dynamic growth, leading to its eventual acquisition by EMC Corporation. 


      Comment Mentions:   CA Technologies   Mark Jaffe

    7. Today's IT Challenges Require Advanced Analytics

      Explore Anomaly Detection Analytics (Feb 4 2015)

      In both IT security and operations, a common complaint is the overwhelming "noise" of largely false positive alerts generated by problematic detection systems. In both cases as well, the lack of information contained in these alerts forces a diagnostic or investigative approach requiring humans to manually mine through huge volumes of data as they search for unusual behavior patterns that might not even be detectable by the human brain.

      Comment Mentions:   Analytics

    8. Data Breach Notification: You Need to “Know” Before You Can “Notify”

      Explore Anomaly Detection Analytics (Jan 26 2015)

      Data breach notification is not simply a matter of “fessing up” when your customer’s data has been compromised. The devil is in the details. Before an organization can “notify” about a data breach, it first has to realize that something happened, figure out what happened, when it happened, what data was accessed, and which individuals were affected. In other words, the organization needs to “know” before it can “notify.”

      Comment Mentions:   IT Security   Analytics   Breach

    9. Temporal vs. Population Anomaly Detection

      Explore Anomaly Detection Analytics (Jan 14 2015)

      Some anomalous behaviors are temporal (an entity deviates from its own history over time) while others are population based (an entity deviates from all the other entities). But what are the differences between these two types of anomalies, and under what circumstances would you use one kind over the other? This blog discusses the details behind the analyses, their merits, and best practices based upon common rules of thumb.

      Comment Mentions:   IT Security   Analytics

    10. Security Analytics Use Case: Finding Document Thieves

      Explore Anomaly Detection Analytics (Jan 6 2015)

      From time to time, document thieves may gain access to [institutional] accounts (probably through phishing attacks) and use them to access licensed material (journals, for instance) that only [authorized] users have access to.  These documents are often resold in a sort of intellectual property black market. The goal is to proactively detect these sorts of situations and quickly suspend the compromised accounts, rather than waiting to notice that the content is stolen...

      Comment Mentions:   Analytics

    11. Anomalies as Unexpected or Rare Events by Time of Day

      Explore Anomaly Detection Analytics (Dec 31 2014)

      This discussion deals with the uniqueness of an event occurring at a specific time, such as a user logging in at an unexpected time of day for that user...

      Comment Mentions:   Prelert
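Items 9, 10 and 11 above describe the two flavours of anomaly (temporal: an entity against its own history; population: an entity against its peers), the document-thief use case, and rarity by time of day. The following is an added example, not Prelert's engine or code from the posts: a temporal detector that scores a login hour against the user's own smoothed hour-of-day distribution, and a population detector that scores one user's daily download count against the pooled distribution of all user-days. The thresholds RARE_HOUR_PROB, MIN_HISTORY and RARE_TAIL_PROB, the user names, and the sample data are assumptions made for the example.

```python
"""Temporal vs. population anomaly scoring (added example; not Prelert's engine).

Two constructed detectors, both unsupervised and deliberately simple:
  * temporal:   is this login hour unusual *for this user*, given the user's
                own history?  (rare-event-by-time-of-day)
  * population: is this user's daily document-download count unusual
                *compared with all users*?  (the document-thief case)
Names, thresholds and sample data are all assumptions made for the example.
"""
import math
from collections import Counter

HOURS = 24
RARE_HOUR_PROB = 0.01      # hypothetical: flag if P(hour | user) is below this
MIN_HISTORY = 50           # hypothetical: don't judge a user with too little history
RARE_TAIL_PROB = 0.01      # hypothetical: flag if <1% of user-days are this extreme


def hour_probability(history_hours, hour):
    """Laplace-smoothed P(hour | user) from the user's past login hours.
    Smoothing keeps a never-seen hour at a small but non-zero probability,
    so a single new hour is 'rare', not 'impossible'."""
    counts = Counter(history_hours)
    return (counts[hour] + 1) / (len(history_hours) + HOURS)


def temporal_anomaly(history_hours, hour):
    """Return (is_anomalous, score); score is -log P, so rarer means bigger."""
    if len(history_hours) < MIN_HISTORY:
        return False, 0.0              # not enough of this user's own baseline yet
    p = hour_probability(history_hours, hour)
    return p < RARE_HOUR_PROB, -math.log(p)


def tail_probability(population_values, value):
    """Empirical P(X >= value) over the pooled population of user-days."""
    n_at_least = sum(1 for v in population_values if v >= value)
    return n_at_least / len(population_values)


def population_anomaly(population_values, value):
    """Return (is_anomalous, tail_prob) for one user-day against the population."""
    p = tail_probability(population_values, value)
    return p < RARE_TAIL_PROB, p


# ---- constructed data (not real) --------------------------------------------
def bob_history():
    """Bob logs in five times a day, office hours only, for 30 days."""
    return [h for _ in range(30) for h in (9, 10, 11, 14, 16)]


def download_counts():
    """Daily download counts for 20 users over 7 days: 19 ordinary users pulling
    between 3 and 15 documents a day, and 'mallory' who pulls 400 on day 6."""
    counts = {}
    for i in range(19):
        for day in range(7):
            counts[(f"user{i:02d}", day)] = 3 + (i * 7 + day * 3) % 13
    for day in range(6):
        counts[("mallory", day)] = 5
    counts[("mallory", 6)] = 400
    return counts


if __name__ == "__main__":
    print("bob at 10:00 ->", temporal_anomaly(bob_history(), 10))   # (False, ~1.7)
    print("bob at 03:00 ->", temporal_anomaly(bob_history(), 3))    # (True, ~5.2)
    counts = download_counts()
    pooled = list(counts.values())
    for key in [("user00", 4), ("mallory", 6)]:
        print(key, counts[key], "->", population_anomaly(pooled, counts[key]))
```

The temporal score would never catch mallory (her own history is too short and 400 is a count, not a time), and the population score would never catch Bob's 03:00 login (plenty of other users work nights). That is the rule of thumb the "Temporal vs. Population" post is getting at: pick the baseline that matches the question, and use both when you have both kinds of question.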

    12. The Secrets to Successful Data Mining

      Explore Anomaly Detection Analytics (Dec 16 2014)

      Today's IT environments are so complex that IT and DevOps teams cannot reasonably set thresholds and alerts across all meaningful metrics. Even the much-touted best practice of employing standard deviations fails when the actual distribution of values is not Gaussian. Trying to manually define anomalies in increasingly complex systems can result in a deluge of false alerts that waste your IT team's valuable time. In fact, in a random sampling of Splunk users, almost half did not bother setting thresholds for fear of creating additional "alert noise." Scary, huh?

      Comment Mentions:   Enterprise Management Associates
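The post above states that a standard-deviation threshold fails when values are not Gaussian. The following added example (not from the post, and not Prelert's method, which is a full unsupervised model rather than a threshold) shows the failure concretely on a constructed latency sample: five legitimate 5000 ms batch jobs inflate the standard deviation so much that a 400 ms request, four times the typical value, never crosses mean + 3σ, while a median/MAD-based threshold flags it. The sample values, the 3σ and 3.5 cut-offs, and the framing as request latency are assumptions for the example.

```python
"""Why a mean + k*sigma threshold fails on non-Gaussian data (added example;
not from the original post).  Constructed latency sample: 95 'normal' values
around 100 ms plus five legitimate 5000 ms batch jobs.  The batch jobs inflate
the standard deviation so badly that a genuinely unusual 400 ms request (4x
the typical value) never crosses mean + 3*sigma, while a median/MAD threshold
catches it.  Numbers and thresholds are assumptions for the example."""
from statistics import mean, median, pstdev

K_SIGMA = 3.0        # the textbook "three sigma" rule
K_ROBUST = 3.5       # common cut-off for the MAD-based modified z-score
MAD_SCALE = 0.6745   # makes MAD comparable to sigma when the data really are Gaussian


def constructed_latencies():
    """Not real data: 95 values cycling 90..110 ms, plus five 5000 ms batch jobs."""
    return [90, 95, 100, 105, 110] * 19 + [5000] * 5


def sigma_threshold(values, k=K_SIGMA):
    """Classic upper threshold: mean + k * population standard deviation."""
    return mean(values) + k * pstdev(values)


def sigma_flag(values, x, k=K_SIGMA):
    return x > sigma_threshold(values, k)


def mad(values):
    """Median absolute deviation: a spread estimate a few huge values cannot inflate."""
    m = median(values)
    return median(abs(v - m) for v in values)


def robust_z(values, x):
    """Modified z-score (Iglewicz & Hoaglin): 0.6745 * (x - median) / MAD."""
    return MAD_SCALE * (x - median(values)) / mad(values)


def robust_flag(values, x, k=K_ROBUST):
    return robust_z(values, x) > k


if __name__ == "__main__":
    data = constructed_latencies()
    print(f"mean={mean(data):.0f} sd={pstdev(data):.0f} "
          f"-> 3-sigma threshold {sigma_threshold(data):.0f} ms")
    print(f"median={median(data):.0f} MAD={mad(data):.0f}")
    for x in (400, 5000):
        print(x, "ms: sigma flags", sigma_flag(data, x),
              "| robust flags", robust_flag(data, x))
```

On this sample the mean is 345 ms and the standard deviation about 1068 ms, so the 3σ line sits near 3550 ms and only the batch jobs themselves ever cross it. The median is 100 ms and the MAD 5 ms, so 400 ms has a modified z-score above 40. MAD has its own failure mode (it is zero when more than half the values are identical, which is why the sample carries jitter), so production detectors model the distribution rather than pick a single spread statistic.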

    13. Why IT Security Teams Need Machine Learning

      Explore Anomaly Detection Analytics (Dec 12 2014)

      It turns out that finding anomalies in huge volumes of data is exactly what Big Data analytics approaches, such as unsupervised machine learning, are good at...


    14. Security Analytics - Anomaly Detection for IT Security

      Explore Anomaly Detection Analytics (Dec 5 2014)

      In this short (1:25) video, IT security professionals protect against advanced threats with security analytics. Machine learning anomaly detection finds the fingerprints of criminal activity in real time, to detect problems early and act fast...

      Comment Mentions:   IT Security   Analytics

    15. Data Mining: Don't Settle for Monitoring 1% of Your IT Operations Data

      Explore Anomaly Detection Analytics (Dec 4 2014)

      Do you have the whole automation vs. data mining thing backwards? Traditional IT monitoring approaches automatically analyze less than 1% of the data available looking for 'known bad' behaviors. When a problem is found, an alert is raised that tells us what happened. Troubleshooting teams then have to manually ‘mine’ the other 99% of the data to find out why there was an alarm in the first place. No wonder recent surveys on the state of IT operations verify that two of the biggest concerns are "time spent troubleshooting" and "problems reported by users before IT knows about them."

      Comment Mentions:   Troubleshooting

    16. Ensure Compliance With IT Operations Analytics

      Explore Anomaly Detection Analytics (Dec 3 2014)

      With ITOA (IT Operations Analytics), companies no longer have to remain well-read on each potential flaw or hack that has been concocted and can set up the technology to look for users that are operating outside the definition of normal. The automated nature of ITOA technology frees a company's IT team from having to set thresholds, develop signatures, or just manually search for abnormal behaviors. The ability of ITOA technology to adapt with speed and accuracy minimizes false positives and provides an organization with the resource it needs to weed out any rogue marketers before they get a chance ...

      Comment Mentions:   Analytics

    17. Implementing StatsReduce in Anomaly Detective

      Explore Anomaly Detection Analytics (Nov 20 2014)

      One of the major additions to version 3.3 of Prelert Anomaly Detective® for Splunk was a feature called StatsReduce. This feature enables Anomaly Detective to take advantage of Splunk’s distributed processing to analyse immense volumes of data quickly enough to deliver real-time insights. The addition of StatsReduce mode to Anomaly Detective for Splunk makes it the sole native Splunk app that can deliver real-time analytics for data big enough to require a distributed Splunk installation to store it.


    18. Anomaly Detection on Large Data Sets via Aggregation

      Explore Anomaly Detection Analytics (Nov 18 2014)

      When dealing with very large data sets, there are various practical obstacles, which aren't present at smaller scale, to getting conventional anomaly detection algorithms to work. A key one is the concept of data inertia. This is simply that it is impractical or even impossible to transport the entire data set to a single process. Often, in this context, we have to process a distributed collection of data streams, and we simply don’t have the bandwidth to copy all these data to one process. Therefore, we would like to be able to perform anomaly detection at the level ...

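Items 2, 17 and 18 above all turn on the same idea: summarize or aggregate near the data and ship only the summaries, because the raw points cannot be moved to one process. The following is an added example, not Prelert's StatsReduce or Engine API code: each node reduces its slice of a metric to a small mergeable record (count, sum, sum of squares, min, max), the records are merged centrally, and the merge reproduces the exact mean and variance of the full data set, which is then used to score a new value. The node layout and sample counts are constructed for the example.

```python
"""Anomaly detection on summarized / aggregated input (added example; not
Prelert's StatsReduce or Engine API code).  Each node summarizes its own slice
of a metric into a small mergeable record (count, sum, sum of squares, min,
max); the summaries are merged centrally and give exactly the mean and variance
of the full data set without ever moving the raw points.  Data below is
constructed; the partition layout is an assumption."""
from dataclasses import dataclass
import math


@dataclass
class Summary:
    n: int = 0
    total: float = 0.0
    sumsq: float = 0.0
    lo: float = math.inf
    hi: float = -math.inf

    @classmethod
    def of(cls, values):
        """Summarize one node's raw values: O(n) to build, O(1) to ship."""
        s = cls()
        for v in values:
            s.n += 1
            s.total += v
            s.sumsq += v * v
            s.lo = min(s.lo, v)
            s.hi = max(s.hi, v)
        return s

    def merge(self, other):
        """Combine two summaries. Associative and commutative, so any tree of
        merges (per node, per rack, per cluster) gives the same answer."""
        return Summary(self.n + other.n, self.total + other.total,
                       self.sumsq + other.sumsq, min(self.lo, other.lo),
                       max(self.hi, other.hi))

    @property
    def mean(self):
        return self.total / self.n

    @property
    def variance(self):
        return self.sumsq / self.n - self.mean ** 2    # population variance

    @property
    def sd(self):
        return math.sqrt(max(self.variance, 0.0))    # guard tiny negative rounding


def merge_all(summaries):
    out = Summary()
    for s in summaries:
        out = out.merge(s)
    return out


def zscore(summary, x):
    """Score a new bucket value against the merged baseline."""
    return (x - summary.mean) / summary.sd


# ---- constructed example: requests-per-minute buckets seen on two nodes ----
NODE_A = [2, 4, 4, 4]
NODE_B = [5, 5, 7, 9]


if __name__ == "__main__":
    merged = merge_all([Summary.of(NODE_A), Summary.of(NODE_B)])
    direct = Summary.of(NODE_A + NODE_B)
    print("merged :", merged.mean, merged.variance)   # 5.0 4.0
    print("direct :", direct.mean, direct.variance)   # 5.0 4.0
    print("z(13)  :", zscore(merged, 13))             # 4.0
```

Two caveats a practitioner would want. First, the sum-of-squares form of the variance suffers catastrophic cancellation when values are large and their spread small; for production use, keep per-partition (n, mean, M2) and merge with the Chan et al. parallel variance update instead, which is what a numerically careful aggregation layer does. Second, a mean/variance summary is only enough for detectors that need a mean and variance; anything that needs the distribution's shape (quantiles, multimodality) needs a richer mergeable sketch, and the eight-point sample here is deliberately tiny so that the arithmetic can be checked by hand.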

  1. Recent Articles for IT Ops & APM

    1. 8 big trends in big data analytics

      Explore scoop.it (Mar 14 2015)

      Bill Loconzolo, vice president of data engineering at Intuit says, 

      The promise of the [Hadoop] platform is not at the level it needs to be for business to rely on it, but the disciplines of big data and analytics are evolving so quickly that businesses need to wade in or risk being left behind.


      Comment Mentions:   Big Data   Analytics

    2. DevOps by Any Other Name is Still DevOps

      Explore linux.sys-con.com (Mar 13 2015)

      The next time you start throwing around DevOps terminology, make sure you are talking about the same thing. And when it comes to server monitoring, allow log analysis to be the system of record for all data, and APM to do what it does best, understanding your users.


      Comment Mentions:   APM   Analytics

    3. Application Performance Management Insights

      Explore linux.sys-con.com (Mar 11 2015)

      Application Performance Management (APM) is now reaching the crest of its popularity cycle, and will soon be absorbed into the mainstream of IT as the principles of APM become clear to the broader audience.


      Comment Mentions:   Application Performance Management   APM   Analytics

    4. Gartner Predicts Massive Growth of DevOps

      Explore APMdigest (Mar 9 2015)

      Gartner believes that rather than being a market per se, DevOps is a philosophy, a cultural shift that merges operations with development and demands a linked toolchain of technologies to facilitate collaborative change.


      Comment Mentions:   EMC   Application Performance Management   APM

  2. Recent Articles for Security Analytics

    1. 8 Analytics Trends to Watch in 2015

      Explore CIO.com (Mar 12 2015)

      Deloitte believes eight trends will dominate the world of analytics in 2015.


      Comment Mentions:   Google   CIO   Big Data

    2. Endpoint Security Meets the Cybersecurity Skills Shortage

      Explore Network World (Mar 5 2015)

      Just about every cyberattack follows a similar pattern: an end-user is fooled into clicking on a malicious link, downloading malware, or opening an infected file. [So] given this pedestrian malware workflow, endpoint security is absolutely key – catch an attack early when it compromises a few endpoints and you can avoid the more ominous phases of the kill chain, including data exfiltration.

      Comment Mentions:   Cisco   Dell   Analytics

    3. Big data security analytics: Can it revolutionize information security?

      Explore Ow.ly (Mar 5 2015)

      Sears built a security data correlation and risk engine and had all of its data routed into a single security big data system, including behavior analytics, cyberthreat intelligence, geographic intelligence and other alerts.


      Comment Mentions:   Big Data   Analytics

    4. Don’t Stretch SIEM Beyond its Capabilities for Contextual Security Analytics

      Explore Lancope (Mar 4 2015)

      Security information and event management (SIEM) tools have been a staple in the cybersecurity industry for many years now. However, the evolution of security threats and the need for more responsive incident response processes tend to stretch these tools far beyond their practical use. Yet in many organizations, SIEM remains an anchor of their security strategy.


      Comment Mentions:   Big Data   Analytics

  3. Recent Articles for Big Data in IT

    1. Hadoop is probably as mature as it's going to get

      Explore infoworld.com (Mar 3 2015)

      Five years ago, Hadoop came roaring into the mainstream as the solution to all big data problems. Now that reality has settled in, it's time for a more realistic assessment.

      Comment Mentions:   Forrester   InformationWeek   Hadoop

    2. A Brief History of Big Data Everyone Should Read

      Explore Midsize Insider (Feb 24 2015)

      What this teaches us is that Big Data is not a new or isolated phenomenon, but one that is part of a long evolution of capturing and using data. Like other key developments in data storage, data processing and the Internet, Big Data is just a further step that will bring change to the way we run business and society. At the same time it will lay the foundations on which many evolutions will be built.


      Comment Mentions:   IBM   Google   Gartner

    3. Bank of America Researchers Submit Patent Application, "Cyber Security Analytics Architecture"

      Explore Stock Market Quotes and News (Feb 12 2015)

      VerticalNews correspondents also obtained the inventors' summary information for this patent application: "The following presents a simplified summary of the present disclosure:

      "Certain aspects disclose a computer-implemented method comprising: transferring, at a security event manager, data to a security data warehouse; comparing the data, at the security data warehouse, to information stored in a risk ontology, wherein the comparing is performed to determine whether the data should be transferred to a security information manager; receiving, at the security information manager, the data when the security data warehouse determines that the data should be transferred to the security information manager; comparing ...


      Comment Mentions:   Analytics

    4. Log Data Outranks Traditional Data Sources for Network Operations Management

      Explore APMdigest (Feb 6 2015)

      EMA has been tracking the role that network log data plays in network management disciplines for years. What is most striking is that log data now outranks traditional network management data sources such as SNMP, NetFlow, and packet analysis as most heavily used and valued for multiple use cases.


      Comment Mentions:   BSM   CA Technologies   Application Performance Management

  4. Recent Articles for Machine Learning Analytics

    1. IoT Won’t Work Without Artificial Intelligence

      Explore Wired.com (Nov 13 2014)

      In an IoT situation, machine learning can help companies take the billions of data points they have and boil them down to what’s really meaningful. The general premise is the same as in the retail applications – review and analyze the data you’ve collected to find patterns or similarities that can be learned from, so that better decisions can be made.


      Comment Mentions:   Artificial Intelligence   Mark Jaffe

    2. Making Sense of IoT Data With Machine Learning Technologies - Forbes

      Explore forbes.com (Sep 4 2014)

      As companies embark on the long journey of harvesting large amounts of data from connected devices and sensors, the valuable insights hidden in the data are driving up costs and not adding to the bottom line. How can these companies get these insights to market faster while reducing the risk of project failure? One way is to leverage the expertise of companies whose core competency is machine learning. One interesting use case comes from Prelert, a self-described anomaly detection company...


      Comment Mentions:   Prelert

    3. Sophie Chang Named VP of Engineering at Prelert

      Explore businesswire.com (Aug 12 2014)

      Prelert, the anomaly detection company, today announced that it has hired Sophie Chang as Vice President of Engineering to lead its U.K.-based engineering team. In this role, Chang will be responsible for product development and managing all aspects of the team’s activities, helping to enhance Prelert’s machine learning-based anomaly detection engine. Chang brings more than ten years of senior executive experience to her new role, most notably through her time as VP Software at 1E, a fast-growing and successful B2B IT efficiency software company. She was responsible for growing its technology team from two people to ...

      Comment Mentions:   Prelert   Mark Jaffe   Dr. Steve

    4. How Machine Learning Is Improving Computer Security

      Explore smartdatacollective.com (Jul 27 2014)

      The machine learning approach has a major advantage over the more traditional way of threat detection. With the traditional way, systems had to look for signatures that had already been determined to be a threat. Once these signatures were identified within a network, the system would have to either stop it from further infiltration, or eliminate it. This method has some rather obvious weaknesses, the main one being its non-predictive nature. Machine learning is able to address this major weakness by looking through data for certain patterns and signals, thus predicting future attacks and preventing them, letting the system stay ...



  5. Recent Articles

    1. SIEM/ DLP Add-on Brain?

      Explore Gartner Blog Network (Mar 3 2015)

      The good news is that now [there are] a decent number of vendors that offer, essentially, an add-on brain for your SIEM. Some can also add a brain to your DLP, since it turned out that DLP is pretty brainless as well…



    2. Identity Analytics: an Integral Element in Security Analytics

      Explore Access Risk Management Blog (Feb 27 2015)

      In the minds of most, security analytics is all about malware detection, event log analysis and event management. While those security measures are all needed and necessary, I think one crucial security analytics resource is missing from the equation: identity analytics and intelligence, or IAI.


      Comment Mentions:   Analytics   Breach

    3. Are You Overlooking 5 Critical IT Security Measures?

      Explore smartdatacollective.com (Feb 26 2015)

      Let me ask you something: How well equipped is your company to deal with and respond to a potential data breach? On a scale of 1-10. Do you know? Not sure? Experian put out an interesting report regarding data breach preparedness. They found that 23% of respondents believed that their organization doesn’t understand what needs to be done following a material data breach to prevent loss of customer and client trust.


      Comment Mentions:   BYOD   IT Security   Breach

    4. 3 reasons SSL encryption gives a false sense of security

      Explore Networks Asia (Feb 25 2015)

      Last year’s high-profile Secure Sockets Layer (SSL) vulnerabilities, such as Heartbleed and Padding Oracle On Downgraded Legacy Encryption (POODLE), have exposed weaknesses in the technology...

      Comment Mentions:   Application Performance Management   Gartner
