Rafael San Miguel Carrasco, Senior Specialist, British Telecom EMEA
This case study is set in a multinational company with 300k+ employees, present in 100+ countries, that is adding an extra layer of security based on big data analytics capabilities in order to provide net-new value on top of its ongoing SOC-related investments.
With billions of events generated every week, real-time monitoring must be complemented with deep analysis to hunt targeted and advanced attacks.
By leveraging a cloud-based Spark cluster, ElasticSearch, R, Scala and PowerBI, a security analytics platform based on anomaly detection is being progressively implemented.
Anomalies are spotted by applying well-known analytics techniques, from data transformation and mining to clustering, graph analysis, topic modeling, classification and dimensionality reduction.
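The following is an added example, not code from the case study or from the platform it describes, of the clustering-based anomaly detection the abstract mentions: authentication events are aggregated into per-account features, standardised, clustered with k-means, and accounts that land in a very small cluster are surfaced for the hunter to review. The events, account names, host names and the 20% cluster-size threshold are all constructed for illustration; in the real platform this logic would run over Spark-scale data rather than an in-memory list.

```python
"""Added example (hypothetical data): per-account feature aggregation plus
k-means clustering to surface outlier accounts in authentication telemetry."""
import math
from collections import Counter, defaultdict


def build_sample_events():
    """Construct a small, deterministic set of logon events (not real telemetry)."""
    events = []
    # Five ordinary users: ten logons each from one or two workstations, one failure apiece.
    normal = {"alice": ["ws-101"], "bob": ["ws-102", "ws-103"], "carol": ["ws-104"],
              "dave": ["ws-105", "ws-106"], "erin": ["ws-107"]}
    for user, hosts in normal.items():
        for i in range(10):
            outcome = "failure" if i == 0 else "success"
            events.append({"user": user, "src_host": hosts[i % len(hosts)], "outcome": outcome})
    # One constructed outlier account: 30 logons spread over 15 hosts, 20 of them failed.
    for i in range(30):
        events.append({"user": "svc_backup", "src_host": f"ws-{200 + i % 15}",
                       "outcome": "failure" if i < 20 else "success"})
    return events


def extract_features(events):
    """Per-account feature vector: [event count, distinct source hosts, failure ratio]."""
    per_user = defaultdict(lambda: {"n": 0, "hosts": set(), "fail": 0})
    for e in events:
        u = per_user[e["user"]]
        u["n"] += 1
        u["hosts"].add(e["src_host"])
        if e["outcome"] == "failure":
            u["fail"] += 1
    return {user: [d["n"], len(d["hosts"]), d["fail"] / d["n"]] for user, d in per_user.items()}


def zscore(features):
    """Standardise each column so no single feature dominates the distance metric."""
    users = list(features)
    dims = len(next(iter(features.values())))
    cols = [[features[u][j] for u in users] for j in range(dims)]
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((x - m) ** 2 for x in c) / len(c)) or 1.0 for c, m in zip(cols, means)]
    return {u: [(features[u][j] - means[j]) / stds[j] for j in range(dims)] for u in users}


def _dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def kmeans(points, k=2, iters=25):
    """Plain Lloyd's k-means with deterministic farthest-point initialisation."""
    names = sorted(points)
    vecs = [points[n] for n in names]
    centroids = [vecs[0]]
    while len(centroids) < k:
        centroids.append(max(vecs, key=lambda v: min(_dist(v, c) for c in centroids)))
    assign = {}
    for _ in range(iters):
        assign = {n: min(range(k), key=lambda i: _dist(v, centroids[i])) for n, v in zip(names, vecs)}
        new = []
        for i in range(k):
            members = [points[n] for n in names if assign[n] == i]
            new.append([sum(col) / len(members) for col in zip(*members)] if members else centroids[i])
        if new == centroids:  # converged: identical membership yields identical centroids
            break
        centroids = new
    return assign, centroids


def detect_anomalies(events, k=2, max_cluster_share=0.2):
    """Return accounts whose cluster holds at most max_cluster_share of all accounts.

    A tiny cluster means the account's behaviour is unlike the population, which is the
    signal a hunter wants to triage; the threshold is a constructed tuning value.
    """
    feats = zscore(extract_features(events))
    assign, _ = kmeans(feats, k)
    sizes = Counter(assign.values())
    total = len(assign)
    return sorted(u for u, c in assign.items() if sizes[c] / total <= max_cluster_share)


if __name__ == "__main__":
    print("accounts to review:", detect_anomalies(build_sample_events()))
```

The features here are deliberately coarse; the same pipeline works unchanged with richer columns (bytes transferred, hours of day, distinct destination ports), and the standardisation step is what lets a rarely-seen feature such as host fan-out carry weight next to raw event counts.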