
Go Jump in a Lake: How a Data Lake Can Help Your Security Program.pdf

Uploaded by: 可*** ID: 991875 2025-12-07 51 pages 1.55MB

Go jump in a lake
How a data lake can help your security program
Brian Davis, Principal Software Engineer

Who am I?
Member of the Red Canary Architecture team
I've been building complex distributed systems for more than two decades
Avid hiker, photographer, home automator, and beekeeper based in Denver
Brian Davis, PRINCIPAL SOFTWARE ENGINEER, RED CANARY, a Zscaler Company
brianthedavis

1. SIEM Basics: How You Use It and Why It's Expensive
2. What's a Data Lake?
3. Building a Data Lake for Fun and Profit
4. Security Use Cases

SIEM BUDGET
SIEM
Let's talk about SIEM *architecture*
We'll use OpenSearch as a stand in
OpenSearch Cluster

One Simple Truth in Cloud Computing IT
Renting Computers Is Expensive
Monthly Cost Comparison: AWS Pricing Per Month for 105TB of storage on a 12 node cluster
$24,688 $2,484 $106

Why is SIEM so good at what it does?
432 cores
3 TB RAM

Definition
AWS's Definition: A data lake is a centralized repository that allows you to store all your structured and unstructured data at any scale. https:/
Definition: A data lake is a centralized repository that ingests, stores, and allows for processing of large volumes of data in its original form. https:/
Definition: A data lake is a repository that stores, processes, and secures large amounts of data. Data lakes help businesses cut costs, manage data, and use AI. https:/
Lakes are taking existing technologies and gluing them together. https:/

Cluster $8,640
OpenSearch Cluster
OpenSearch Cluster $8,640 $2,400*
Hypothetical Pie Chart of Compute Use
Why pay for all this idle compute time?
If you're not using the computer, turn it off.
OpenSearch Cluster

alright - I get it. You sprinkle in compute. But there's still magic, right?

Rows and Columns
Rows and Columns

snapshot_ts         | id   | des | run | req  | lim  | req_bytes  | lim_bytes
--------------------+------+-----+-----+------+------+------------+-----------
2025-04-01 00:00:10 | 2954 | 1   | 1   | 1000 | 2000 | 4294967296 | 4294967296
2025-04-01

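Based on the report, the main content is summarized as follows:

1. **SIEM cost problem**: Traditional SIEM (security information and event management) systems are expensive because they need large amounts of compute resources to process and analyze data.
2. **Data lake concept**: A data lake is a centralized platform that stores all structured and unstructured data and allows data to be stored and processed at scale.
3. **Data lake advantages**: A data lake can store large volumes of data, supports large-scale queries, scales as needed, and is cost-effective.
4. **Data lake applications**: A data lake can be used for security analytics, trend analysis, compliance storage, and AI/ML applications.
5. **Key figures**:
   - Netflix's data lake contains more than 1 EB (exabyte) of data and processes 10+ PB of data per day.
   - Data is stored in Parquet format; 5 million rows of data take up only 8.8 MB.
6. **Challenges**: Storage in a data lake is relatively cheap, but queries can be expensive.

"How can you use a data lake to improve your security program?" "Can a data lake really solve the challenges of big data processing?" "What surprises can combining a data lake with AI/ML bring?"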