BAE Systems Detica is to launch a tool that combines Big Data analytics with event analysis and investigation tools.
The CyberReveal tool detects anomalies and threats using statistics from other technologies, and was intended to help solve the problem of built-up, complex solutions delivering event data that is unmanageable and unviewable.
“We took a top-down approach, as there can be millions of events every day and a lot boils down to what you need to investigate by risk scoring,” BAE Systems cyber security managing director Dave Garfield said.
“... You want to generate a window during the investigation where you can see a targeted attack via a series of email attachments or a number of users visiting the same website.
“It is hard to say what is an indicator of a targeted attack. This [tool] will monitor, analyse and assist in the decision making to deliver better security and be efficient enough to do a proper investigation,” he said.
The company said the tool processes billions of data records and gives analysts a single view of network activity across their IT estate, detecting attacks by behaviour.
It was the first time the technology was made available for in-house analysts.