Introducing Integration with Enterprise Authentication for B23 Data Platform

February 22nd, 2017

Imagine how much extra productivity you could unleash if your time wasn’t burdened trying to manage a myriad of username and password combinations. With ever-growing demands for tighter security, increasingly complex passwords are a mental drain. On a personal level it’s frustrating, but on an enterprise level it can be paralyzing.

Thankfully, B23 Data Platform now offers seamless Identity Provider Initiated (IDP-initiated) authentication integration with Okta and other identity providers through Security Assertion Markup Language 2.0 (SAML 2.0). Taking away such burdens as managing unique user accounts for yet another cloud application, all users in your enterprise organization can simply authenticate through your preexisting Okta dashboard or other SAML identity provider with minimal setup required. B23 Data Platform can also be pulled in as another chiclet and launched from users’ familiar application dashboard.

What if I’m using Lightweight Directory Access Protocol (LDAP)? If you’ve tied it in to your SAML provider, you’re good to go! B23 appreciates the time and energy your company has already spent integrating Single Sign-on solutions and will continue to incorporate other third-party SAML 2.0 identity provider solutions like Ping, Auth0 and Centrify. If you’re interested in setting up B23 Data Platform for your organization, please reach out to info@b23.io or visit www.b23.io....

Why Apache Metron and Cyber Analytics Matters in 2016

Since our last series of blog posts making the case for the Next Generation of Cisco’s OpenSOC solution, we are pleased to announce that the project has been accepted into the Apache Software Foundation as an incubating project to satisfy the vision we set forth (http://bit.ly/1ZO8RD0). This occurred in December 2015 under the stewardship of Hortonworks (NASDAQ:HDP). B23 is now in our second year supporting the open source OpenSOC codebase, and we are proud to represent a significant part of the Project Management Committee (“PMC”) and Committer members within the Apache Metron incubation project. Over the past two years, we have deployed Metron for a variety of customers and environments, each with unique use cases and objectives. As a result of this experience, we have started to develop our own set of best practices relative to deployment, configuration, and development focus. B23 is now the longest continuously operating organization to support this code base. We are flattered that one of our B23 Committers won the vote for the proposed name ‘Metron.’ We will continue to increase our involvement within Apache Metron in the future. In 2016, we have four (4) focus areas for Apache Metron which are based on our unique set of experiences and capabilities.

1. Enhanced Fidelity — Network Packet Analysis

From a data acquisition perspective, we believe raw packet capture (“PCAP”) is important for understanding the true fidelity of network behavior. Commodity, low-cost storage, and the Hadoop Distributed Filesystem (“HDFS”) make it technically and economically feasible to store, organize, and query enterprise-scale packet metadata and content. While the original OpenSOC project supported PCAP in certain use cases, we have continued to develop features and capabilities to make PCAP collection more central to our Metron deployments. This includes additional temporal and geospatial trending of PCAP information in the Metron operational dashboard in real-time.

2. Bringing Data Science to the Security Operations Center (“SOC”)...

Next Generation Cybersecurity Analytics – Part I

With many recent high-profile cyber breaches, an overarching cybersecurity program is a critical business requirement, particularly in the financial services sector where customer trust is of utmost concern. B23 recently helped a customer implement a Next Generation Cybersecurity Analytic capability and we would like to share our experiences through a 3-part series of blog posts — “Next Generation Cybersecurity Analytics”. This first blog post will include the background and high level solution that B23 implemented. Our second follow-up blog post (Next Generation Cybersecurity Analytics – Part II) provides a technical overview of the software components, and the third post makes the case why a Next Generation Cybersecurity Analytics solution is required.

B23 has unique experience implementing large and complex Hadoop implementations. For this reason, B23 was selected by an S&P 500 financial services firm (the “Bank”) to enable a distributed cybersecurity analytics platform capable of handling peak ingest rates of 1 Petabyte (“PB”) every 66 minutes. To understand and proactively address the emerging cyber threat, the Bank performed an internal business risk assessment of its cybersecurity vulnerabilities. This assessment quantified a monetary risk value which formed the basis of its return-on-investment (“ROI”) analysis to deploy a big data threat analysis platform. As a result of the risk assessment, the Bank chose B23 to implement the Hortonworks Data Platform (“HDP”) as the basis for its threat analytics platform to address cybersecurity risks. The Bank also selected the OpenSOC open-source framework for its cyber analytics solution. Originally released by Cisco, the OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly detection and incident forensics to the data loss problem.