Role of Data Correlation in Security

With the upward trend in security breaches, from high-profile credit card breaches to massive password hacks, fraudsters are getting more sophisticated. Many consumer-facing websites are targeted as the first step in a broader attack on an enterprise. Unless bad actors’ behavior is watched and acted upon in real time, these types of breaches will continue to make headlines.

Big data analytics, which brings in data from multiple sources to perform cross-channel analysis, is a key component in the fight against security breaches. Typically, account information, device information and logs are readily available for such analysis, but the correlation of such data with the actual HTTP transaction information is the key to understanding user behavior patterns. This not only helps predict the recurrence of threats that have already occurred, but also helps predict new threats based on suspicious activities. Once an account takeover attack is identified, for example, tracking and grouping similar suspicious behavior patterns from other IPs allows the isolation and blocking of those IPs to mitigate the risk of additional attacks.
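The following is an added example, not code from the original post: given one confirmed account takeover session, it correlates HTTP transactions with account and device logs and groups other IPs that show the same request pattern from a device new to the account. All records, field names and the exact-match similarity rule are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data, not from the original post.
# HTTP transactions: (ip, session_id, method, path, user_agent)
HTTP_LOG = [
    ("203.0.113.7", "s1", "POST", "/login", "ua-A"),
    ("203.0.113.7", "s1", "POST", "/account/email", "ua-A"),
    ("203.0.113.7", "s1", "POST", "/transfer", "ua-A"),
    ("198.51.100.9", "s2", "POST", "/login", "ua-A"),
    ("198.51.100.9", "s2", "POST", "/account/email", "ua-A"),
    ("198.51.100.9", "s2", "POST", "/transfer", "ua-A"),
    ("192.0.2.44", "s3", "POST", "/login", "ua-B"),
    ("192.0.2.44", "s3", "GET", "/account/profile", "ua-B"),
    ("192.0.2.44", "s3", "GET", "/orders", "ua-B"),
    ("192.0.2.50", "s4", "POST", "/login", "ua-A"),
    ("192.0.2.50", "s4", "POST", "/account/email", "ua-A"),
    ("192.0.2.50", "s4", "POST", "/transfer", "ua-A"),
]
# Account and device log: session_id -> (account, device_id)
SESSIONS = {"s1": ("alice", "dev-x1"), "s2": ("bob", "dev-x2"),
            "s3": ("carol", "dev-c1"), "s4": ("dave", "dev-d1")}
# Devices previously seen for each account
KNOWN_DEVICES = {"alice": {"dev-a1"}, "bob": {"dev-b1"},
                 "carol": {"dev-c1"}, "dave": {"dev-d1"}}

def session_patterns(http_log):
    """Group transactions per session: source IP, user agent, ordered requests."""
    out = {}
    for ip, sid, method, path, ua in http_log:
        rec = out.setdefault(sid, {"ip": ip, "ua": ua, "steps": []})
        rec["steps"].append((method, path))
    return out

def similar_suspicious_ips(confirmed_session, http_log, sessions, known_devices):
    """Return {ip: [accounts]} for other IPs matching the confirmed takeover pattern."""
    pats = session_patterns(http_log)
    ref = pats[confirmed_session]
    hits = defaultdict(list)
    for sid, p in pats.items():
        if sid == confirmed_session or p["ip"] == ref["ip"]:
            continue
        account, device = sessions[sid]
        same_behavior = p["steps"] == ref["steps"] and p["ua"] == ref["ua"]
        new_device = device not in known_devices.get(account, set())
        if same_behavior and new_device:  # both signals must agree
            hits[p["ip"]].append(account)
    return dict(hits)
```

Session `s4` has the same request sequence as the confirmed takeover but comes from a device already known for that account, so it is not grouped with the suspicious IPs; the HTTP pattern alone would have flagged it.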

Mobile adds another level of risk. As the mobile channel continues to grow as a popular way for consumers to communicate with businesses, fraudsters and cybercriminals will find loopholes to exploit. Therefore, correlating mobile traffic along with web traffic is also crucial in covering a broader range of threats.

We are entering uncharted territory in security. The landscape is rapidly changing, and as organizations look to fight new threats, it’s important to have the right information in real time, analytical tools to help correlate and analyze that information, and smart investigation tools that can help mitigate and even prevent these threats.
