Centrify Contributes to Apache Spot (incubating)

benrice
Cloudera
Oct 3, 2016

In July, Centrify joined the Open Network Insight Project (ONI) to bring Identity data into cybersecurity applications that leverage ONI, and to share related threat analytics and intelligence among industry peers. In the meantime, ONI has become Apache Spot (incubating) and today we wanted to write a bit more about why Identity is important to Apache Spot and what it really means.

What does Centrify have to do with Spot?

Spot is an open source, community-developed network data model that delivers visibility into security threats by providing advanced threat detection using big data analytics. Spot uses machine learning as a filter for separating suspicious network traffic from benign and for characterizing the unique behavior of network traffic.

Apache Spot provides an open data model for Network data, and with the addition of Centrify to the project, this will be extended to include an open data model for identity / user data as well. By extending Spot’s open data model into Identity, Centrify is enabling customers to add a rich source of data to the mix to help find the insight needed to protect their networks and assets from attack.

What does this Really Mean?

Centrify is endeavoring to help customers protect themselves from cyberthreats by enriching existing security data with information that Centrify captures through the Centrify Identity Platform. Centrify has the unique capability to capture activity from end users AND privileged users, providing customers an extremely valuable correlation point for activity moving laterally across their networks.

Insights into how identities are being used are critical, as hijacked credentials have led to some of the largest compromises in history. The 2016 Verizon Data Breach Investigations Report (DBIR) states that stolen and misused credentials continue to play a major role in most data breaches. With Centrify, Apache Spot will provide the on-demand analytics needed to understand how user accounts and activities are impacting security and compliance. Many security tools currently attempt to discern and correlate network activity through device or host identifiers like MAC address or IP address, which can be spoofed or falsified. Only with the true knowledge of identity can we really learn who did what. By tying identities to devices and/or IP addresses we can more accurately determine how an attacker might move laterally through a network, making it more likely we will find the threat before data can be exfiltrated. Ultimately, Centrify is participating in Apache Spot to help customers bring one of the best data sources out there to the battle against cyberthreats: identity. Only Centrify with its unique offerings can protect both End Users and Privileged Users and give Apache Spot a depth of knowledge about identity to put together the open data model for identity that Apache Spot will use going forward.

Centrify is proud to be contributing to Apache Spot. Read more about the announcement here.

To find out more about Apache Spot or to contribute to this project, click here.

For more on the Centrify partnership with Cloudera, read:

Cloudera blog
