Last week, we hosted a webcast titled “Predictive Security: Big Data or Big Marketing?” featuring OpenDNS CTO Dan Hubbard and special guest Rick Holland, Principal Analyst at Forrester Research, Inc. They led a technical discussion on the challenges facing current solutions in the security industry, the importance of the cloud in Big Data, and what makes Big Data interesting. They also shared insights on how Umbrella by OpenDNS uses Big Data to provide better security.
If you were unable to join us—or just want a refresher—I’ve listed the 5 most important takeaways from the conversation:
Attackers are aware of the Big Data trend, and are exploiting it for their own benefit.
As anyone in the industry will tell you, defenders are locked in a seemingly endless game of cat and mouse with attackers. For every new innovation introduced by security services, bad actors adopt new techniques to elude detection. Big Data can provide insight into these activities that wasn’t possible before, but it’s important to remember that there is no silver bullet.
Intelligence is a large part of the Big Data conversation.
It’s easy to forget the analysis aspect of Intelligence—you need to understand what you’re getting from Big Data, and how it applies to your organization, strategically. Having predictive protection in place frees up time your team can use to analyze resources, and why someone might try to access them. With Big Data, you can understand a threat and decide on the best response for your organization with a level of clarity that wasn’t available before.
Big Data is at the core of Umbrella Security.
The basic tenet of the Umbrella Security Suite is simple: it’s designed to protect your users and data on any device, anywhere, anytime. We do this by taking the huge amount of data generated by our 50 million daily users and running it through the Security Graph, applying data mining and algorithmic classification techniques to identify malicious activity. If you try to access a site we know to host malware, we respond with a block page—the goal being to prevent user access to the site and protect your data. Utilizing Big Data analysis, we can see a complete threat picture and stay one step ahead of any bad actors that might be targeting your network.
Umbrella detects and prevents malware from ever reaching your network.
The time it takes to detect a malicious site depends on several variables—how it was created, how it works, etc. The problem with current security technology is that a copy of the attack is needed in order to protect against it, and the time it takes to update defenses and mitigate a threat is already too long. With Umbrella’s predictive security, there’s no waiting. In fact, we block domains before they can become malicious. Our security is built on algorithmic classification and machine learning, enabling us to predict attacks before they happen and protect against them before they can cause damage for our customers.
Umbrella can identify malicious domains, even if no data exists about that domain.
Even though Umbrella by OpenDNS is built on the power of Big Data analysis, it’s still effective at blocking threats from domains about which we have no data. It’s exceedingly rare that there is no known information about a given domain; however, if that is the case, evidence of the attack can still be found. Often there will be small pieces of data left by an attacker; these can include observing the attacker set up a domain and test it, analyzing the Patient 0 of the attack, or observing how an attacker registers or hosts the domain. If no such data exists, other systems like reputation management or behavioral analysis tools help to stack our defenses against attacks with little known information, keeping users protected.
Watch the full 40-minute webcast on demand here.