Taking the Five Second Rule Beyond the Dinner Table to Prevent Cyber Attacks
Five seconds might be a quick enough amount of time to salvage a dropped piece of food from the ground before it’s no longer edible, but five seconds is far too long to operate in real-time data analytics.
This doesn’t stop those in the data analytics industry from calling a five second latency “real-time,” which is misleading to the 69% of IT Decision Makers who actually want machine real-time data analytics, or sub-5 second latency. With rising cyber-attacks across new and old channels targeting both consumers and businesses, organizations are struggling to find new approaches to protect clients in a user-friendly, visual and, as mentioned above, real-time manner.
Such is the case with GoNet FPI (Fraud Prevention & Intelligence), which provides fraud analysis to help organizations protect the various channels they operate within, including online payments, digital transactions, social media monitoring, etc., from the risk of cyber attacks. The problem lies not in which channels need to be monitored, but how many channels are monitored by GoNet, as the sheer volume of data that needs to be digested, organized and analyzed–in machine real-time–is far too much for most Big Data management platforms to handle.
The Need for Machine Real-Time
Costs inflicted by cyber attacks take a significant toll on the economy. In 2016 alone, the average cost for a large organization in the United States to deal with cybercrime rose to more than $17M. But what are the key factors that drive up the costs of cybercrime for organizations? When it comes to cybersecurity, variables such as investing in software and hardware implementation may be costly, but time itself is the most significant factor that can cause organizations to incur excess costs.
Most security breaches go unnoticed for a period of time, during which the threat becomes increasingly costly to the target organization until it is detected and eradicated. In fact, 66% of breaches take months or even years to detect, all the while the organization loses annual revenue. Attacks go unnoticed because they are coming in higher volumes than ever and are becoming increasingly complex; a new approach is therefore needed to help organizations analyze suspicious behavior streaming from a multitude of sources in machine real-time.
Increasing Volume & Complexity of Cyber Attacks
Scaling an organization’s cybersecurity approach to the levels and standards of today’s threats requires the ability to handle large and complex queries, perform advanced correlation and report the results in near real-time. With the insights gleaned from such capabilities, companies are able to very quickly recognize threatening behavior and shut it down. It may be a tall order, but many intelligence firms are stepping up to the plate and making tremendous strides in this area. GoNet, for instance, monitors 350,000 online fraud information sources, which it correlates and summarizes for its clients.
GoNet’s old method of reporting relevant fraud information to its clients was through Word and Excel reports, but monitoring upwards of 350,000 data sources generates volumes of data that are not easily consumed in these formats. Additionally, GoNet used to provide larger clients with an on-site staff to physically monitor systems in real-time, to prevent attacks from happening or minimize their impact; this method was resource-intensive and, most importantly, not scalable. By creating a customized platform able to ingest and present information from a huge number of specific anti-fraud sources, GoNet eliminated the need for on-site staff to monitor the massive amount of fraud sources required by large organizations.
Shorter Time-to-Insight = Higher Rate of Fraud Prevention
In order to be actionable, insights must be derived within the early stages of a cyber attack. For example, GoNet evaluates fraudulent credit card transactions by continuously matching known fraudulent cards against current credit card transactions in real-time in order to spot the illegal activity. Fast visualization in machine real-time enables GoNet to derive immediate insights to combat fraudulent transactions as well as minimize manual tasks.
Insights are also supported through the analytic capabilities of the platform. By analyzing anonymous client data, insights are derived about where the next attack might come from, so that special attention can be given to those areas and the potential threats prevented.
Data integration presents an opportunity for organizations to combat the increase in cyber attacks, but in order to stay ahead of the pace of hackers, organizations must put forth the extra effort to beat the “five second” latency rule and achieve the ‘real-time’ standard. While Gartner has recognized the growing market of advanced analytics vendors, it is important that decision makers know what to look for, with ‘machine real-time’ at the top of their list.