Overview

As the world continues to become hyperconnected, the number of events that any one organization, from government agencies to private sector businesses, must monitor for threats grows. Traditional cybersecurity systems are putting massive economical and technological strains on organizations as they struggle to continue to meet the scale required to detect growing threats to an organization. This is why Cloudera and its Threat Intelligence team has started to leverage Apache Spot (incubating) an open, collaborative community dedicated to fighting cybercrime. Cloudera’s Threat Intelligence Team is harnessing the power of big data and to build next generation cybersecurity analytic capabilities using Machine Learning. The big data platform allows both structured and unstructured data to be ingested from multiple sources beyond the traditional network and firewall data, but also cloud APIs, Cloud Access Security Broker feeds, Single Sign-On authentication, file permissions and downloads to detect both insider and external threats.

Cloudera’s Threat Intelligence Team is setting the standard for cybersecurity intelligence and machine learning using Apache Spot as its foundation. Today, Apache Spot’s primary use case is network traffic analysis for network flows, DNS, and proxy. Essentially, Spot enables identification of threats through anomalous event detection using both supervised and unsupervised machine learning. And Spot’s open data model strategy is extending Spot’s existing capabilities to unlock a broader set of future use cases. Those new use cases will be tried and tested at Cloudera internally by its Threat Intelligence Team.