Cloudera empowers cybersecurity innovators to proactively secure the enterprise by accelerating threat detection, investigation, and response through machine learning and complete enterprise visibility. Cloudera’s cybersecurity solution, based on Apache Spot, enables anomaly detection, behavior analytics, and comprehensive access across all enterprise data using an open, scalable platform. But what’s the easiest way to get started?

1. GETTING STARTED WITH CLOUDERA'S CYBER
SOLUTION

2. 2 © Cloudera, Inc. All rights reserved.
TODAY’S SPEAKERS
Syed Rafice
Principal Sales Engineer
Cloudera
John Kat
Engineer
StreamSets
Zaf Kahn
Senior Consultant
Arcadia Data

3. 3 © Cloudera, Inc. All rights reserved.
1,000,000,000,000+
[ events per day ]

4. 4 © Cloudera, Inc. All rights reserved.
MANY CISO’S HAVE A DATA PLATFORM CHALLENGE
Security Data Storage Layer
Data Governance
Network
Application
SIEM
(Signature and Correlation)
Splunk
(Search, Descriptive Analytics)
Endpoint
User
Threat Intelligence
1. Storage costs limit
visibility
2. Analytic costs
limit insight
3. Analytic
techniques
insufficient to detect
advanced threats
4. Investigation is a
complicated, time
consuming process
Expensive, Proprietary, Stove Piped
Archived/ Tape
/Dev/ Null

5. 5 © Cloudera, Inc. All rights reserved.
ADVANTAGES OF CLOUDERA’S PLATFORM FOR CYBER
Cloud-Native & On-Premises
Go Beyond Basic
Analytics
• Share data across multiple
analytic processing engines
• Simple search, SQL, Python,
R, Scala
Data Flexibility
• Faster, more agile, full-
fidelity data acquisition
• Data portability: Open
data model and open
storage
Cost-Effective
Scalability
• Elastic scale on-prem or in
the cloud
• Cloud-native pay-per-use
and transience
• Proven at big data scale
Hybrid
• Runs across multi-clouds &
on-prem
• Multi-storage over S3,
HDFS, Kudu, Isilon, DSSD,
etc
Shared Data

6. 6 © Cloudera, Inc. All rights reserved.
OPTIMIZING A SIEM WITH CLOUDERA
PackagedApplications
Analytic
Processing
(Spark, Impala, Solr)
Management,
Governance,Security
(ClouderaManager,Cloudera
Navigator)
Data and
Analytic
Management
Cloudera Data Hub
Open Source Custom
Apache Spot Open Data
Models
(HDFS, Hbase, Kudu)
Ingestion
(StreamSets)
(On premise or Cloud)
SIEM
Source
s
Threat Intelligence Network User Endpoint

7. 7 © Cloudera, Inc. All rights reserved.
SUPPORT MULTIPLE WORKLOADS
With community defined Open Data Models
Endpoint User
Network
DIVERSE DATA SOURCES SINGLE ACCESS
Source: Momentum Partners Cybersecurity Snapshot April 2016

8. 8 © Cloudera, Inc. All rights reserved.
A community approach to fighting cyber threats.

9. 9 © Cloudera, Inc. All rights reserved.
MANY APPLICATIONS; ONE SHARED DATA SET AND ARCHITECTURE
Visualization & machine
learning applications can share
common data set &
infrastructure
CustomPackaged
Open source is developing out
machine learning (e.g. network
threat detection)
Open Source
Build custom applications &
analytics using Cloudera
without having to buy new
infrastructure

10. 10 © Cloudera, Inc. All rights reserved.
DEMO OF OPEN SOURCE APPLICATION
• Setup ingestion
pipelines from Spot
community for Centrify,
Windows, and
Qualysis data
• Create open data
model tables
• Use Cloudera
Manager for
StreamSets
deployment
• Store data in HDFS
and prep for Impala
queries
• Install and deploy
Arcadia Data
Application from Spot
community
• Query data that
resides in the open
data model for ad-hoc
analysis

11. Feeding a Cybersecurity
Data Lake with StreamSets

12. Who is StreamSets?
Enterprise Data DNA
StreamSets Mission
~1,000,000 downloads
25% of the Fortune 500
Top-tier Investors Commercial Customers Across Verticals
Empower enterprises to harness their data in motion.
Products
StreamSets Dataflow Performance Manager™ (DPM),
StreamSets Control Hub (SCH),
StreamSets Data Collector™ (SDC - open source), SDC Edge
Strong Partner Ecosystem Open Source Success

13. Threats Happen in Real-Time
Ready data for analysis in
time to identify and stop
threats in progress
Data from varied data
sources must integrate
into the Open Data Model
with zero code
Be prepared to deal with
data drift, a frequent risk
to data ingestion efforts

14. StreamSets in a
Cybersecurity Architecture

15. © 2017 StreamSets, Inc. All rights reserved.
StreamSets Data Operations Platform

16. Benefits of StreamSets for Cyber
Adaptable, change-
resistant data ingest
Faster time to insight and
response
Complete operational
visibility and control

17. Arcadia Data. Proprietary and Confidential
Getting Started with Arcadia Data and
Cloudera’s Cyber Solution
Zaf Khan, Senior Consultant, EMEA

18. Arcadia Data. Proprietary and Confidential
Ingestion Data Platform Analytics
• Setup ingestion
pipelines from
Spot community
for Centrify,
Windows, and
Qualys data
• Create open data
model tables
• Use Cloudera
Manager for
StreamSets
deployment
• Store data in
HDFS and prep
for Impala queries
• Install and deploy
Arcadia
Dashboards from
Spot community
• Query data that
resides in the
Open Data Model
for ad-hoc
analysis

19. Arcadia Data. Proprietary and Confidential
Arcadia Visualization Engine
The First Native Visual Analytics Platform for Big Data
Arcadia Analytic Platform
(Smart Acceleration™)
On-Premises
Drag-and-drop Visual Analytics & Dashboards
HybridCloud
Custom Data Applications
BIG DATA OS
Distributed execution,
data storage, metadata, security
IN-CLUSTER ANALYTICS ENGINE
Scales linearly with cluster for
speed and easier management
WEB-BASED INTERFACE
Drag & drop interface for
visual analytics & app workflow
DataPlatform

20. Arcadia Data. Proprietary and Confidential
Incident Response
20
• Quickly drill across endpoints, users,
and network
• Real-time dashboards for critical
metrics
• Easily embed results into case
management tools
Network
Endpoint
User

21. Arcadia Data. Proprietary and Confidential
Forensic Analysis
21
• Fast filtering across a well known set of
attributes
• Visuals that make time series analysis
simpler
• Graph visualization to understand
relationships

22. Arcadia Data. Proprietary and Confidential
Threat Hunting
22
• Integrate with machine learning
workflows and outputs
• Full access to your raw events
• Ad-hoc data exploration

23. Arcadia Data. Proprietary and Confidential
Run scripts to set up the
Open Data Model tables for
importing cybersecurity-related
data.
Download Arcadia Instant.
https://www.arcadiadata.com/product/instant
Use the example dashboards with
Arcadia Instant.
To Get Started with Arcadia Data on Cybersecurity

24. Arcadia Data. Proprietary and Confidential
Walkthrough and Demo

25. Arcadia Data. Proprietary and Confidential
To get started after this webinar, go
here:
https://www.arcadiadata.com/cyber
Visit that page to get links for:
▪ Downloading Arcadia Instant
▪ Spot ODM Setup
▪ Spot Dashboards
Summary of Our Cybersecurity Solution

26. © Cloudera, Inc. All rights reserved.
Q&A
LEARN MORE AT CLOUDERA.COM/CYBERSECURITY

27. THANK YOU