Google Git
Sign in
apache / incubator-spot / refs/heads/spot-297-update-remaining-website-copyright-years / . / open-network-insight-3-most-asked-questions / index.html
blob: 0fe7e48958adb53a980b3bbd86c47a6355216311 [file] [log] [blame]
<!doctype html>
<!--[if lt IE 7]><html lang="en-US" class="no-js lt-ie9 lt-ie8 lt-ie7"><![endif]-->
<!--[if (IE 7)&!(IEMobile)]><html lang="en-US" class="no-js lt-ie9 lt-ie8"><![endif]-->
<!--[if (IE 8)&!(IEMobile)]><html lang="en-US" class="no-js lt-ie9"><![endif]-->
<!--[if gt IE 8]><!-->
<html lang="en-US" class="no-js">
<!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Apache Spot Apache Spot: Three Most-Asked Questions</title>
<meta name="HandheldFriendly" content="True">
<meta name="MobileOptimized" content="320">
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="apple-touch-icon" href="../wp-content/themes/oni/library/images/apple-touch-icon.png">
<link rel="icon" href="../wp-content/themes/oni/favicon.png">
<!--[if IE]>
<link rel="shortcut icon" href="../wp-content/themes/oni/favicon.ico">
<![endif]-->
<meta name="msapplication-TileColor" content="#f01d4f">
<meta name="msapplication-TileImage" content="../wp-content/themes/oni/library/images/win8-tile-icon.png">
<meta name="theme-color" content="#121212">
<link rel="pingback" href="../xmlrpc.php">
<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel='dns-prefetch' href='//s.w.org' />
<link rel="alternate" type="application/rss+xml" title="Apache Spot &raquo; Feed" href="../feed/" />
<link rel="alternate" type="application/rss+xml" title="Apache Spot &raquo; Comments Feed" href="../comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="Apache Spot &raquo; Apache Spot: Three Most-Asked Questions Comments Feed" href="../open-network-insight-3-most-asked-questions/feed/" />
<script type="text/javascript">
window._wpemojiSettings = {
"baseUrl" : "https:\/\/s.w.org\/images\/core\/emoji\/2\/72x72\/",
"ext" : ".png",
"svgUrl" : "https:\/\/s.w.org\/images\/core\/emoji\/2\/svg\/",
"svgExt" : ".svg",
"source" : {
"concatemoji" : "http:\/\/spot.incubator.apache.org\/wp-includes\/js\/wp-emoji-release.min.js"
}
}; ! function(a, b, c) {
function d(a) {
var c,
d,
e,
f,
g,
h = b.createElement("canvas"),
i = h.getContext && h.getContext("2d"),
j = String.fromCharCode;
if (!i || !i.fillText)
return !1;
switch(i.textBaseline="top",i.font="600 32px Arial",a) {
case"flag":
return i.fillText(j(55356, 56806, 55356, 56826), 0, 0), !(h.toDataURL().length < 3e3) && (i.clearRect(0, 0, h.width, h.height), i.fillText(j(55356, 57331, 65039, 8205, 55356, 57096), 0, 0),
c = h.toDataURL(), i.clearRect(0, 0, h.width, h.height), i.fillText(j(55356, 57331, 55356, 57096), 0, 0),
d = h.toDataURL(), c !== d);
case"diversity":
return i.fillText(j(55356, 57221), 0, 0),
e = i.getImageData(16, 16, 1, 1).data,
f = e[0] + "," + e[1] + "," + e[2] + "," + e[3], i.fillText(j(55356, 57221, 55356, 57343), 0, 0),
e = i.getImageData(16, 16, 1, 1).data,
g = e[0] + "," + e[1] + "," + e[2] + "," + e[3], f !== g;
case"simple":
return i.fillText(j(55357, 56835), 0, 0), 0 !== i.getImageData(16,16,1,1).data[0];
case"unicode8":
return i.fillText(j(55356, 57135), 0, 0), 0 !== i.getImageData(16,16,1,1).data[0];
case"unicode9":
return i.fillText(j(55358, 56631), 0, 0), 0 !== i.getImageData(16,16,1,1).data[0]
}
return !1
}
function e(a) {
var c = b.createElement("script");
c.src = a, c.type = "text/javascript", b.getElementsByTagName("head")[0].appendChild(c)
}
var f,
g,
h,
i;
for ( i = Array("simple", "flag", "unicode8", "diversity", "unicode9"), c.supports = {
everything : !0,
everythingExceptFlag : !0
},
h = 0; h < i.length; h++)
c.supports[i[h]] = d(i[h]), c.supports.everything = c.supports.everything && c.supports[i[h]], "flag" !== i[h] && (c.supports.everythingExceptFlag = c.supports.everythingExceptFlag && c.supports[i[h]]);
c.supports.everythingExceptFlag = c.supports.everythingExceptFlag && !c.supports.flag, c.DOMReady = !1, c.readyCallback = function() {
c.DOMReady = !0
}, c.supports.everything || ( g = function() {
c.readyCallback()
}, b.addEventListener ? (b.addEventListener("DOMContentLoaded", g, !1), a.addEventListener("load", g, !1)) : (a.attachEvent("onload", g), b.attachEvent("onreadystatechange", function() {
"complete" === b.readyState && c.readyCallback()
})),
f = c.source || {}, f.concatemoji ? e(f.concatemoji) : f.wpemoji && f.twemoji && (e(f.twemoji), e(f.wpemoji)))
}(window, document, window._wpemojiSettings);
</script>
<style type="text/css">
img.wp-smiley, img.emoji {
display: inline !important;
border: none !important;
box-shadow: none !important;
height: 1em !important;
width: 1em !important;
margin: 0 .07em !important;
vertical-align: -0.1em !important;
background: none !important;
padding: 0 !important;
}
</style>
<link rel='stylesheet' id='googleFonts-css' href='http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic' type='text/css' media='all' />
<link rel='stylesheet' id='bones-stylesheet-css' href='../wp-content/themes/oni/library/css/style.css' type='text/css' media='all' />
<!--[if lt IE 9]>
<link rel='stylesheet' id='bones-ie-only-css' href='../wp-content/themes/oni/library/css/ie.css' type='text/css' media='all' />
<![endif]-->
<link rel='stylesheet' id='mm-css-css' href='../wp-content/themes/oni/library/css/meanmenu.css' type='text/css' media='all' />
<script type='text/javascript' src='../wp-content/themes/oni/library/js/libs/modernizr.custom.min.js'></script>
<script type='text/javascript' src='../wp-includes/js/jquery/jquery.js'></script>
<script type='text/javascript' src='../wp-includes/js/jquery/jquery-migrate.min.js'></script>
<script type='text/javascript' src='../wp-content/themes/oni/library/js/jquery.meanmenu.js'></script>
<link rel='https://api.w.org/' href='../wp-json/' />
<link rel="canonical" href="../open-network-insight-3-most-asked-questions/" />
<link rel='shortlink' href='../?p=62' />
<link rel="alternate" type="application/json+oembed" href="../wp-json/oembed/1.0/embed?url=http%3A%2F%2Fnolamarketing.com%2Fclient%2Foni%2Fopen-network-insight-3-most-asked-questions%2F" />
<link rel="alternate" type="text/xml+oembed" href="../wp-json/oembed/1.0/embed?url=http%3A%2F%2Fnolamarketing.com%2Fclient%2Foni%2Fopen-network-insight-3-most-asked-questions%2F&#038;format=xml" />
<script>
(function(i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r;
i[r] = i[r] ||
function() {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date();
a = s.createElement(o),
m = s.getElementsByTagName(o)[0];
a.async = 1;
a.src = g;
m.parentNode.insertBefore(a, m)
})(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-75955621-1', 'auto');
ga('send', 'pageview');
</script>
</head>
<body class="single single-post postid-62 single-format-standard" itemscope itemtype="http://schema.org/WebPage">
<div id="container">
<header class="header" role="banner" itemscope itemtype="http://schema.org/WPHeader">
<div id="inner-header" class="wrap cf">
<p id="logo" class="h1" itemscope itemtype="http://schema.org/Organization">
<a href="http://spot.incubator.apache.org" rel="nofollow"><img src="../wp-content/themes/oni/library/images/logo.png" alt="Open Network Insight" /></a>
</p>
<nav role="navigation" itemscope itemtype="http://schema.org/SiteNavigationElement">
<ul id="menu-main-menu" class="nav top-nav cf">
<li id="menu-item-129" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-129">
<a target="_blank" href="https://github.com/Open-Network-Insight/open-network-insight">Get Started</a>
</li>
<li id="menu-item-5" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-5">
<a target="_blank" href="https://github.com/Open-Network-Insight/open-network-insight#if-you-want-all-of-the-oni-code-at-once-just-clone-it">GitHub</a>
</li>
<li id="menu-item-130" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-130">
<a target="_blank" href="https://github.com/Open-Network-Insight/open-network-insight#contributing-to-oni">Contribute</a>
</li>
<li id="menu-item-106" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-106">
<a target="_blank" href="https://github.com/Open-Network-Insight/open-network-insight/wiki">Wiki</a>
</li>
<li id="menu-item-13" class="menu-item menu-item-type-post_type menu-item-object-page current_page_parent menu-item-13">
<a href="../blog/">Blog</a>
</li>
</ul>
</nav>
</div>
</header>
<div id="mobile-nav"></div>
<div id="content">
<div id="inner-content" class="wrap cf">
<main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
<article id="post-62" class="cf post-62 post type-post status-publish format-standard hentry category-security-analytics tag-github tag-open-network-insight tag-open-source" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
<header class="article-header entry-header">
<h1 class="entry-title single-title" itemprop="headline" rel="bookmark">Apache Spot: Three Most-Asked Questions</h1>
<p class="byline entry-meta vcard">
<time class="updated entry-time" datetime="2016-03-29" itemprop="datePublished">
March 29, 2016
</time>
</span>
</p>
</header>
<section class="entry-content cf" itemprop="articleBody">
<p>
While this is not the first blog post about Apache Spot, it is the first one by a creator of the solution. As a security data scientist in Intel&#8217;s Data Center Group, I joined a small team to start thinking about solving really hard problems in cloud analytics. The team grew, and out of that effort, came Apache Spot. Since we started talking about the project, these are the three questions I am asked the most.
</p>
<p>
<strong>What Is Apache Spot?</strong>
<br />
Apache Spot is an open source, flow and packet analytics solution built on Hadoop. It combines big data processing, at-scale machine learning, and unique security analytics to put potential threats in front of defenders. While I am a data scientist today, I was a security investigator just a few years ago. I wanted to develop a solution that would put new tools and technology in play for defenders, but without requiring them to walk away from security and get a math degree.
</p>
<p>
We wanted to start with the hard problems, so we looked at the emerging need to analyze data that was produced at a scale outside what a lot of security solutions could handle. The data is being created today, and lack of visibility into that data gives attackers a profound advantage. Also, in this new era of security, many defenders (public and private sector) have to answer to their citizens and customers when these threats occur. In other words, an event that says &#8220;this attack was blocked&#8221; is insufficient; an organization needs to see what happened before, during, and after a particular machine was attacked at a particular time. The problem is summarized in a slide from a <a href="http://www.youtube.com/watch?v=mOZjMuBLYyM" target="_blank">FloCon talk</a>
<br />
<a href="../wp-content/uploads/2016/03/FloCon2015.png" rel="attachment wp-att-66"><img class="aligncenter size-full wp-image-66" src="../wp-content/uploads/2016/03/FloCon2015.png" alt="open source packet and flow analytics" width="960" height="720" srcset="../wp-content/uploads/2016/03/FloCon2015.png 960w, ../wp-content/uploads/2016/03/FloCon2015-300x225.png 300w, ../wp-content/uploads/2016/03/FloCon2015-768x576.png 768w" sizes="(max-width: 960px) 100vw, 960px" /></a>
</p>
<p>
The gist is that while processing is a challenge at higher scales, the amount of insight gained is higher when analyzing flows and packets from key protocols (like DNS). And that&#8217;s how we got here.
</p>
<p>
<strong>Why Intel?</strong>
</p>
<p>
At Intel, I have worked in IT, for a security product company (McAfee), and in the Data Center Group. Intel IT was an early pioneer of the concept of proactive investigations to protect intellectual property. McAfee (now Intel Security Group) has a broad customer base in the realms of network, endpoint, and content security, to name only a few. And the Intel Data Center group has strategic partnerships with Cloudera and Accenture, as well as some pretty cool analytics efforts of their own. Add the performance benefits we achieve with Intel Architecture, especially the Intel MPI Library and Intel Math Kernel Library, and it certainly makes sense to me.
</p>
<p>
<strong>Why Open Source?</strong>
</p>
<p>
I learned from my earlier efforts in security analytics, that to invite collaboration from academia, the public sector, and the private sector, open source software is an excellent choice. We are now seeking to build a community of developers, data scientists, and security enthusiasts to grow Apache Spot into something we can all be proud of. We have also chosen an Apache software license, so that it can enrich commercial software offerings as well.
</p>
<p>
The greatest thing for me since we announced at RSA is to hear OTHER people talk about Apache Spot (formerly Open Network Insight or ONI), here are some of my favorites, from <a href="http://vision.cloudera.com/open-network-insight-changing-infosec-data-science-forever/" target="_blank">a Data Scientist @ eBay </a>, <a href="https://newsroom.accenture.com/news/accenture-introduces-the-accenture-cyber-intelligence-platform-to-help-organizations-continuously-predict-detect-and-combat-cyber-attacks.htm" target="_blank">a Security Provider</a>, and <a href="http://vision.cloudera.com/adaptive-security-at-big-data-scale-for-next-generation-digital-security/" target="_blank">a Big Data company</a>.
</p>
<p>
Fork us on Github!
</p>
<p>
Grant Babb
</p>
</section>
<footer class="article-footer">
filed under: <a href="../category/security-analytics/" rel="category tag">Security Analytics</a>
<p class="tags">
<span class="tags-title">Tags:</span><a href="../tag/github/" rel="tag">github</a>, <a href="../tag/open-network-insight/" rel="tag">open network insight</a>, <a href="../tag/open-source/" rel="tag">open source</a>
</p>
</footer>
</article>
</main>
<div id="sidebar1" class="sidebar m-all t-1of3 d-2of7 last-col cf" role="complementary">
<div id="recent-posts-2" class="widget widget_recent_entries">
<h4 class="widgettitle">Recent Posts</h4>
<ul>
<li>
<a href="../open-network-insight-oni-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/">Apache Spot and Cybersecurity — Using NetFlows to Detect Threats to Critical Infrastructure</a>
</li>
<li>
<a href="../how-open-network-insight-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/">How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</a>
</li>
<li>
<a href="../open-network-insight-3-most-asked-questions/">Apache Spot: Three Most-Asked Questions</a>
</li>
</ul>
</div>
<div id="archives-2" class="widget widget_archive">
<h4 class="widgettitle">Archives</h4>
<ul>
<li>
<a href='../2016/08/'>August 2016</a>
</li>
<li>
<a href='../2016/03/'>March 2016</a>
</li>
</ul>
</div>
</div>
</div>
</div>
<footer class="footer" role="contentinfo" itemscope itemtype="http://schema.org/WPFooter">
<div id="inner-footer" class="wrap cf">
<nav role="navigation"></nav>
<p class="source-org copyright" style="text-align:center;">
&copy; 2020 Apache Spot.
</p>
</div>
</footer>
</div>
<script type='text/javascript' src='../wp-includes/js/comment-reply.min.js'></script>
<script type='text/javascript' src='../wp-content/themes/oni/library/js/scripts.js'></script>
<script type='text/javascript' src='../wp-includes/js/wp-embed.min.js'></script>
</body>
</html>
<!-- end of site. what a ride! -->