Leveraging Big Data for Security Analytics

In September, Hortonworks partnered with ManTech and B23 to foster a vibrant open community to accelerate the development of OpenSOC. In December we additionally partnered with Rackspace Managed Security and submitted OpenSOC to the Apache Incubator as a podling under the name of Apache Metron. A decision to rename the project was made to represent the new direction and the new community. Now the process of graduating Metron to a top-level project (TLP) has begun. Given our proven commitment to the Apache Software Foundation process, we feel uniquely qualified to bring this important technology and its capabilities to the broader open source community. Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing, storage, advanced behavioral analytics and data enrichment, while applying the most current threat-intelligence information to security telemetry within a single platform….   http://hortonworks.com/blog/leveraging-big-data-for-security-analytics/

Managing Distributed Data Products with Ansible and Ambari

A blog post describing our open source Ansible module for managing Apache Ambari clusters.

By Mark Bittmann

At B23, we believe in the use of automation for provisioning and configuring cloud resources to manage complex data pipelines, whether streaming or bulk processing. Data pipelines have evolved beyond the pattern of writing blocks of data to HDFS and running bulk operations. MapReduce is a freight truck, but you might need 5 Jeeps, 2 Jaguars, and a helicopter.

There now exist many tools for managing asynchronous, distributed data pipelines, with each tool designed for particular access patterns. These include Kafka, Storm, Spark, MapReduce, Hive, Elasticsearch, a handful of NoSQL databases, and yes, the old-fashioned relational database. While we are left with the paradox of choice, these options enable us to build precision data products tuned for a particular business problem. Systems often require multiple compute paradigms and access patterns. We use automation and cloud to reduce the complexity of such systems while at the same time enforcing strict policies for security and compliance.

At B23, we’ve come to know Ansible very well for instantiating and configuring distributed data products. We often use Apache Ambari for installing and configuring software stacks in the Hadoop ecosystem. It doesn’t manage every tool, but it really simplifies the configuration of the Hadoop ecosystem. Ambari has a very flexible RESTful API and a powerful UI. However, we found ourselves generating a lot of overlapping Ambari Blueprints. We also found ourselves repeating a lot of Ansible uri and wait_for calls to create, stop, start, and delete clusters in Ambari. Lastly, we were using a lot of Jinja2 to inject hostnames pulled midstream from Ansible’s dynamic inventory.

To overcome this, we developed a custom Ansible module for managing clusters, and B23 is pleased to make it available as open source: https://github.com/mbittmann/ambari-ansible-module

I think the module has several benefits. First is the...

Hortonworks, ManTech and B23 Join Forces to Deliver Advanced Cyber Security Solutions powered by OpenSOC

SANTA CLARA, Calif. and NEW YORK, Sept. 29, 2015 /PRNewswire/ — Hortonworks, Inc. (NASDAQ: HDP), together with ManTech and B23, is working to foster a vibrant open community to accelerate the development of OpenSOC, an open source cyber security analytic platform built to rapidly detect and respond to advanced security threats. With the advent of the Internet of Anything, the security of data is paramount. Hortonworks is fully committed to supporting the innovation of the OpenSOC community and further advancing cyber security technology. OpenSOC works in conjunction with Hortonworks Data Platform (HDP™) and Hortonworks DataFlow (HDF™) to provide a real-time enterprise threat detection system that:

- Delivers actionable insights from real-time and historical network threat alerts
- Ingests, stores and analyzes over a million network packets per second
- Integrates into existing enterprise environments…

B23 Partners with Cloudera to Enable Enterprise Class Hadoop Solutions

April 29, 2014 – PRLog — B23 is excited to announce a corporate partnership with Cloudera to help deliver Enterprise-class Big Data and Hadoop solutions to customers. B23 provides professional services to implement Cloudera’s Enterprise Data Hub (EDH) solution offering. B23 is a professional services company focused on delivering Big Data solutions tethered to the Hadoop ecosystem. B23 uses agile methodologies to allow customers to gain a competitive advantage using their collected information in a cost-efficient manner….

https://www.prlog.org/12316471-b23-partners-with-cloudera-to-enable-enterprise-class-hadoop-solutions.html#

B23 and Zoomdata Establish Partnership to Enable Visualization of Big Data Solutions

B23 announces it has become the first certified Zoomdata professional services implementation partner.

ARLINGTON, Va. – April 14, 2014 – PRLog — B23 is now a certified Zoomdata professional services implementation partner. This partnership will further enable both companies to more effectively deliver solutions for visualizing Big Data for enterprise customers. B23 is the first company to achieve the prestigious partner certification from Zoomdata. B23 is a professional services company focused on extracting competitive intelligence from Big Data for its enterprise commercial and public sector customers. “Zoomdata is a natural extension to the solutions we are implementing for our customers. Zoomdata enhances our customers’ capability stack, and will allow users to exploit competitive information from Big Data quickly and effectively,” said Brad Kolarov, Co-founder of B23….

https://www.prlog.org/12309432-b23-and-zoomdata-establish-partnership-to-enable-visualization-of-big-data-solutions.html#