“We really need to take on this project, but I don’t have the resources.
There aren’t enough hours in the day to tackle that problem.”
I’ve heard comments like this for many years throughout my career in the network, security and now Big Data sectors.
The “time vs money” dilemma is common. You know what is needed to solve a problem, but there are not enough hours in the day to commit to solving it. Countless vendors offer interesting point solutions that can help an organization tackle a particular problem. This is how firewalls, load-balancers, IPS and WAFs have staked their claims and won customers. However, each solution is unique and requires its own set of expertise and a significant investment in time for configuration, monitoring, and management. More often than not, the cost to the organization ends up outweighing the benefit. As frustrating as that may be, as Ben Franklin said, “time is money.”
Even when organizations can afford to invest the time and money in multiple point solutions, they typically find themselves frustrated or limited by these technologies. What they end up with are dozens of solutions that are not integrated and can’t be fully leveraged for the data they provide. Clearly, there is a lack of integration in the industry. Many vendors claim integration, but what they are really saying is that they can interface with another vendor’s system in limited form. This restricts the ability to combine technologies from different vendors to actually solve the larger problem—being able to have complete situational awareness. The only way to truly integrate these disparate technologies is by investing in significant development or outsourcing initiatives to get what you need. More time and money are required and again, the end result may miss the intended mark.
SIEM was supposed to solve the pain of cobbling together multiple devices from multiple vendors. However, these solutions have focused primarily on compliance. The lack of pervasive mindshare around the SIEM solution seems to indicate the industry has missed the integration mark. More recently, some are attempting to leverage Hadoop to fill this unification gap for analysis of large amounts of data. While Hadoop’s batch processing may be effective for marketing, financial, or other analytics that can get by with older data, it was not built to be a real-time application, a necessity for the security industry.
Over the last several months, organizations have been asking us how they can save time by reducing the burden of repetitive, manual processes. How much time and money would you save if you could analyze all of your data with human-like logic in real time? You would be able to connect the dots and solve problems in ways you never imagined. It’s amazing to see what talented people can do with a flexible platform. Customers have leveraged our platform to turn a 90+ minute manual process for advanced threat discovery into a real-time detection tool with automated forensics. By using our platform to integrate technologies with data not previously possible, the security team is no longer at a major disadvantage against critical threats—where a minute could be the difference in preventing a data breach.
We’ve seen customers replace a homegrown application that took months to build with a new and improved application built in just a few hours. The new application offered additional capabilities, better performance, increased scalability and flexibility. Customers have also detected major breaches and significant failures without any prior knowledge—all with no rules or signatures.
If we can help an organization save time, it also means they save money. I expect many more breakthroughs in the coming months as customers leverage our Neural Foam™ artificial intelligence engine and streaming correlation to help put an end to repetitive, manual processes that put their organizations at risk and prevent them from realizing their full potential. When this is the benchmark, time may indeed be more valuable than money.