Ram Varadarajan | Splunk .conf2016
01. Ram Varadarajan, Acalvio, visits #theCUBE! (00:19)
02. Background of Acalvio and the Splunk Relationship. (00:45)
03. Machine Learning and Security: Differentiating Acalvio. (02:31)
04. Unsupervised Machine Learning. (04:57)
05. Getting Wise to the Attackers' Methods. (07:45)
06. "Blending In" to Avoid Attackers. (09:04)
07. Perceiving the Patterns of Attackers. (10:24)
08. Algorithms and Keys. (11:28)
09. Tracing the Attacker's Path. (12:36)
10. New Tools for Unsupervised Attacks. (13:13)
11. Automation and Intelligence: Security Can Work. (13:57)
A motion detector for enterprise data: Building smarter security | #splunkconf16
by R. Danes | Sep 29, 2016
Anyone who uses a personal computer with a firewall knows that however secure that system may be, it’s not particularly smart. Yes, it blocks threats, but it tends not to reveal much about them, and it sometimes blocks perfectly innocent applications. Likewise, businesses with very large assets at risk have traditionally had to make do with firewalls and all their imperfections. Now some vendors are stepping up their game and using data to develop brainier enterprise security systems.
Ram Varadarajan, founder, chairman and CEO of Acalvio Technologies, said the firewall is like the lock on a door — it can keep out intruders, but it doesn’t give much intelligence on them. He said his company has developed a tool called Deception that does more.
“Think of it as a motion detector for your enterprise,” he told John Furrier (@furrier) and John Walls (@JohnWalls21), cohosts of theCUBE, from the SiliconANGLE Media team, during Splunk.conf 2016.
Haystack, meet metal detector
“We want the anomaly to announce itself,” he said. Further, using Splunk data tools, the company can then glean information on the attacker.
“We actually go and mine for specific information without having to build an ocean of data,” Varadarajan said. “We just need to follow a thread.”
Forensic data science
The data-centric approach has another benefit over simply bolting the doors, so to speak, with a firewall, Varadarajan stated.
When an attacker touches a decoy, “we can actually trace the path the attacker took in order to reach the decoy,” he said, adding that feeding this information back into the system makes it smarter. “If you know the patterns of the attackers, you can set the decoys in clever ways.”