How Analytics Can Help Businesses Stay Secure

Businesses are using big data analytics for all kinds of purposes, from helping to improve operational processes to discovering market insights. However, with the growing threat of cyberattacks, many are turning to analytics to help protect their systems and comply with regulations. Here, we’ll take a close look at what security analytics is and how it can benefit businesses. 

Security analytics – an overview

Like all forms of data analytics, security analytics involves the collection and aggregation of a wide range of data from numerous sources. The purpose, however, is to analyse this data to discover vulnerabilities and threats to the security of a company’s systems and data. Data can be gathered from firewalls, routers, network traffic, antivirus software, OS event logs, business apps, cloud resources, ID verification and access management logs and endpoint data. It also uses employee and user behaviour data and third-party threat intelligence information. This is then analysed using specially developed security algorithms which seek out patterns and sequences that give insights into potential, emerging or existing threats.
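To make "patterns and sequences" concrete, here is an added example (not from the original article or any vendor product) that merges events from several sources into per-user timelines and flags one sequence: a burst of failed logins, then a successful login, then a large outbound transfer. The event schema, thresholds and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, already normalised from different sources into
# (timestamp, source, user, event, value) tuples. All values are invented.
EVENTS = [
    ("2024-05-01T09:00:05", "auth", "alice", "login_ok", 0),
    ("2024-05-01T09:10:00", "firewall", "alice", "bytes_out", 900_000_000),
    *[(f"2024-05-01T02:14:0{i}", "auth", "bob", "login_fail", 0) for i in range(1, 6)],
    ("2024-05-01T02:14:40", "auth", "bob", "login_ok", 0),
    ("2024-05-01T02:20:00", "firewall", "bob", "bytes_out", 900_000_000),
    *[(f"2024-05-01T03:00:0{i}", "auth", "carol", "login_fail", 0) for i in range(1, 7)],
]

def find_suspicious_sequences(events, min_fails=5,
                              window=timedelta(minutes=15),
                              max_bytes=500_000_000):
    """Flag users showing: fail burst -> successful login -> large transfer."""
    # Aggregate events from all sources into one timeline per user.
    timelines = defaultdict(list)
    for ts, _source, user, event, value in events:
        timelines[user].append((datetime.fromisoformat(ts), event, value))

    alerts = []
    for user, timeline in timelines.items():
        timeline.sort()
        fails = []        # timestamps of failed logins since the last success
        breach_at = None  # time of a success that followed a fail burst
        for ts, event, value in timeline:
            if event == "login_fail":
                fails.append(ts)
            elif event == "login_ok":
                recent = [f for f in fails if ts - f <= window]
                breach_at = ts if len(recent) >= min_fails else None
                fails = []
            elif (event == "bytes_out" and breach_at is not None
                  and ts - breach_at <= window and value >= max_bytes):
                alerts.append((user, breach_at.isoformat(), value))
                breach_at = None
    return sorted(alerts)

if __name__ == "__main__":
    for alert in find_suspicious_sequences(EVENTS):
        print("ALERT", alert)
```

Only bob is flagged: alice moves the same volume of data without a preceding failure burst, and carol's failures never lead to a successful login, so neither event alone triggers an alert.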

Modern cybersecurity analytics tools also employ AI and machine learning, which enables them to learn from past experiences to continually improve their ongoing threat detection. So, as new threats evolve, they will be able to detect these too. Of crucial importance is that this is done in real-time so that threats can be dealt with proactively and stopped before an attack inflicts damage.

Ways in which security analytics can be used

Security analytics can be used for a wide range of measures. It can detect links in network traffic activities which signify the emergence of a potential attack. It can discover attackers threatening to infiltrate a system’s endpoints, such as its laptops and mobile phones. It identifies vulnerable, compromised or prohibitively shared user accounts. It blocks unfamiliar communications channels, preventing data being copied, downloaded or transferred without authorisation. It can also safeguard against identity theft by stopping users from sending their details to other sites.

Security analytics can even be used to protect against internal threats, monitoring employee activity to identify intentional or negligent behaviours which put the system’s security at risk. It does this by employing algorithms that uncover suspicious actions which indicate threats or vulnerabilities.

Compliance is another area in which security analytics can play an important role. Here, it can help automate compliance requirements, such as the gathering of log data, the management of data networks and the monitoring of data actions, enabling the company to compile reports and detect users not working in compliance with internal IT policies. Where incidents occur, security analytics can also assist in any forensic investigation, unearthing the activities and sources of the related events.

The benefits of using security analytics

The chief benefit of using security analytics is that, aside from detecting threats and potential security breaches, it also alerts the company when these incidents are likely to happen and before they actually do. In this way, its insights enable the company to be proactive in its security.

With threats coming from a wide range of sources, such as hacking, malware, ransomware, phishing, internal sabotage and negligence, and with cybercriminals using far more sophisticated tools, some of which also make use of AI and machine learning, many companies can see real value in security analytics.

Security in the cloud

For companies using cloud-based systems, it is possible that your vendor already provides a wide range of robust security measures to protect your systems from cybercrime. Here at eukhost, for example, our cloud servers are protected with enterprise-class security. We work in partnership with Fortinet to offer next-gen FortiGate firewalls which feature intrusion prevention and inflow virus protection systems that detect and isolate threats before they reach your server.

In addition, we provide extensive VPN features, DDoS protection, email security, SSL certificates, email signing certificates and more. For added peace of mind, we also provide the industry-leading Veeam backup solution, designed for cloud infrastructures. It features virtual machine backups, replication and encryption which keep your data secure in case of system failure, data corruption, bad updates, ransomware or human error.

When it comes to compliance, the security we provide helps companies meet regulations such as GDPR and PCI DSS. With regard to the latter, all our cloud servers are PCI compliance capable and we can provide the server environment required for this purpose.

Conclusion

As threats become increasingly advanced, it is good to know that technologies to protect IT systems, such as security analytics, are being developed and deployed to combat them. The best place to host such big data analytics, of course, is in the cloud. It’s reassuring, therefore, that the cloud itself already comes with a range of robust security measures to protect you, whether you use security analytics or not.

For more information, visit our cloud hosting or enterprise hosting pages.

Translated from: https://www.eukhost.com/blog/webhosting/how-analytics-can-help-businesses-stay-secure/
