
"Big Data" Analytics in Network Security: Computational Automation of Security Professionals


The reality of today’s Internet is that cyber threats are becoming increasingly sophisticated. In the not-too-distant past, cyber-attacks were executed using rudimentary, standard malicious binaries, often referred to as viruses. Defending against these early malicious binaries was effectively accomplished by signature-based antivirus, Web, and email content filtering platforms, which relied on an actual pattern or static image of the binary.

Cybercriminals, many of whom are sophisticated, profit-maximizing members of organized crime, looked to increase the return on their investment in malicious code. The result was that the cybercriminal community discovered it could continuously modify the way its malicious binaries or executables appeared, such that signatures could no longer be applied effectively. The age of polymorphic malicious binaries was born.

Polymorphism can be very complicated or very basic. Simply put, polymorphism modifies the way the executable looks, without executing it. If the code of the binary looks different, the signature for the code will also be different, rendering signature-based defenses, such as those often included in antivirus solutions, ineffective.
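The contrast drawn above, a byte-level signature versus a behaviour-level check, as an added Python example that is not part of the report: both samples, their byte contents and their runtime traces are constructed, the signature is extracted from the first sample, and the variant is the same constant with junk bytes inserted, so the pattern and the file hash no longer match while the observed behaviour is unchanged.

```python
"""Why a static signature misses a polymorphic variant while a behavioural rule does not.
All samples, byte contents and runtime traces below are constructed for illustration."""
import hashlib
from dataclasses import dataclass, field


@dataclass
class Sample:
    name: str
    content: bytes                              # constructed on-disk bytes of the executable
    trace: list = field(default_factory=list)   # constructed runtime events, as a sandbox would log them


# Hypothetical "original" binary: a header followed by a distinctive constant.
ORIGINAL = Sample(
    "original.exe",
    b"MZ" + b"\x00" * 4 + b"\xde\xad\xbe\xef\x00\x11\x22\x33",
    ["file:read:config.dat",
     "file:write:<startup folder>\\svc.exe",
     "net:connect:203.0.113.5:443"],
)

# Hypothetical polymorphic variant: same program, but junk bytes were inserted
# between the constant's bytes, so no contiguous byte run from ORIGINAL survives.
VARIANT = Sample(
    "variant.exe",
    b"MZ" + b"\x90\x90" + b"\xde\xad" + b"\x90" + b"\xbe\xef\x00\x11" + b"\x90" + b"\x22\x33",
    ["file:read:config.dat",
     "file:write:<startup folder>\\svc.exe",
     "net:connect:203.0.113.5:443"],
)

# Static signature extracted from ORIGINAL: a byte pattern plus a whole-file hash.
SIGNATURE_PATTERN = b"\xde\xad\xbe\xef\x00\x11"
SIGNATURE_HASH = hashlib.sha256(ORIGINAL.content).hexdigest()


def signature_match(sample: Sample) -> bool:
    """Signature-based detection: exact byte pattern or exact file hash."""
    return (SIGNATURE_PATTERN in sample.content
            or hashlib.sha256(sample.content).hexdigest() == SIGNATURE_HASH)


def behaviour_match(sample: Sample) -> bool:
    """Behavioural detection: flag a process that both installs persistence
    and opens an outbound connection, regardless of how its bytes look."""
    persists = any(e.startswith("file:write:<startup folder>") for e in sample.trace)
    beacons = any(e.startswith("net:connect:") for e in sample.trace)
    return persists and beacons


def classify(samples):
    """Return {name: (signature_hit, behaviour_hit)} for each sample."""
    return {s.name: (signature_match(s), behaviour_match(s)) for s in samples}


if __name__ == "__main__":
    for name, (sig, beh) in classify([ORIGINAL, VARIANT]).items():
        print(f"{name}: signature={'hit' if sig else 'miss'} "
              f"behaviour={'hit' if beh else 'miss'}")
```

The signature catches only the sample it was derived from; the behavioural rule fires on both because the persistence write and the outbound connection are the same in either trace. In practice the trace comes from an endpoint agent or sandbox rather than a hard-coded list, and the rule would be tuned against benign installers that also write to startup locations.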

About this report

In this SPIE, we discuss the role of signature-based defenses in this new APT reality. We also discuss behavioral-based cyber defenses. Finally, we delve into one form of behavioral cyber defense: advanced security analytics.

  • Introduction
  • Limitations of Signature-based Defenses
  • Behavioral Cyber Defense
  • Advanced Security Analytics
    • Analytics
    • It's a Process
  • The Practical Application of Advanced Analytics in Security
    • Network Flow Data
    • Full PCAP
  • Illustrative Advanced Analytics Examples
    • Cisco Managed Threat Defense
    • Dell SecureWorks Advanced Endpoint Threat Detection
    • IBM QRadar
  • The Security Analytics Value Equation
    • Product Development is Embedded in the Delivery
    • Some Organizations Have a Structural Advantage in Security Analytics
    • Simply Connecting a Sensor to an Analytics Platform Does Not Create Value
    • The Value of Security Intelligence Cannot be Overstated
  • The Last Word
