Comments
How Analytics Could Stanch Heartbleed
View Comments: Newest First | Oldest First | Threaded View
Re: Bleeding heart
  • 4/20/2014 9:21:08 PM
NO RATINGS

The classic "Your profile is 40% complete. Finish it up!" falls for too many people, it would appear. Then your profiles are hit with perfectly targeted ads.

Re: Bleeding heart
  • 4/20/2014 8:47:17 PM
NO RATINGS

@CandidoNick You are right about that. I too think twice before posting things on the Internet. Sites like Facebook really make you vulnerable and encourage you to over share. It's shocking to see the amount of information people end up sharing.

Re: Bleeding heart
  • 4/20/2014 12:48:05 PM
NO RATINGS

These days, my outlook on the internet is monitered by the assumption that anything I produce on the web can be found, tampered with, and shared in seconds, even by the most ameteur user, regardless of security settings. When it comes to the internet, privacy is null and void.

Re: Bleeding heart
  • 4/18/2014 6:10:56 AM
NO RATINGS

I wonder how many such bugs go undetected in the long run. Hackers have now become more resourceful. They are also more prudent. It is great that big data will help us to identify even smaller discrepancies.

Re: Bleeding heart
  • 4/17/2014 2:34:17 PM
NO RATINGS

Hi Michael, yes, you're absolutely right -- the detection is only the first step. Although I didn't discuss what happens after the discovery with Dunham, I would imagine that automated processes kick in and, as you suggest, humans get notified and then involved, too. At the very least, I would think the system would trigger an automated "verify who you are" kind of response similar to what happens should you, say, log into your bank from a device/IP address that hasn't previously been associated with you. Incidently, she did tell me SAS is in the process of building up its own security operations center (to extend what it already has in place, of course) and will be "eating its own dogfood."

Bleeding heart
  • 4/17/2014 1:27:12 PM
NO RATINGS

I think the analytics that can identify anomalous traffic - like that extra 64K tacked on to a payload - are very important, but it's equally important to formulate an action plan around it. What happens when the software detects these anomalous packets? Are there automated remediation steps, or does a human get alerted, or both? Did Dunham talk about this phase of the process?



INFORMATION RESOURCES
ANALYTICS IN ACTION
CARTERTOONS
VIEW ALL +
QUICK POLL
VIEW ALL +