Security analytics

Abstract

Security analytics is a cyber security strategy that focuses on analyzing data to create robust cyber security interventions. It implies the usage of security analytic tools to improve the identification of proactive attacks and providing countermeasures. By gathering, normalizing, and analyzing network traffic for threat actions, security analytics tools identify behaviors that suggest malicious activity. The domain of security analytics is full of potentials and provides organizations looking to remain on top of vulnerabilities and one step ahead of cybercriminals with a comprehensive solution. Security analytics along with big data capabilities and threat intelligence helps to identify, analyze, and mitigate internal threats, cyber threats, and targeted attacks. Deep learning techniques and big data analytics are rapidly growing traction in the era of the security sector today. The NoSQL graph model is a leveraging security analytics and visualization technique. This approach gathers information from varied host and distributed network sources, connect them to a graph database, capturing complex relationship in the cyber security domain. In that respect, security analytics can also assist in formulating efficient ways of responding to attacks. The major applications of security analytics are network monitoring, cloud traffic, remote user behavior data, business applications, cyber security management, IoT security management, network security analytics, and big data security analytics. This chapter focuses on the introduction to security analytics, its need, challenges, applications, and its future research directions.