A Fresh Look at Security AnalyticsThreatConnect's Drew Gidwani on the Promise of Orchestration
Most enterprises are at least discussing security analytics. But how are they actually deploying these tools? And with what levels of automation and orchestration? Drew Gidwani of ThreatConnect shares insight on how to maximize analytics.
How are security analytics commonly deployed today?
"It really depends on the pattern you're looking for and what you're trying to predict," says Gidwani, director of analytics at ThreatConnect. "I think it's kind of interesting to slice and dice it based on the size of the data you're looking at, or the computational nature of the problem at hand."
Gidwani looks at data in three categories: "regular" data; big data; and too-big-for-you data.
In an interview about security analytics, Gidwani discusses:
- How security analytics commonly are used today;
- The potential of automation;
- How orchestration impacts efficiency and scale.
Gidwani is the Director of Analytics at ThreatConnect. He drives the data modeling, collection, and analytics both within the core ThreatConnect platform and in CAL. Previously, he worked for the Department of Defense where he leveraged his varied analysis experiences to scale growing intelligence teams in the face of the ever-changing threats we face today.