Hunters has integrated its SOC (Security Operations Center) Platform with the Databricks Lakehouse. For the first time, Databricks customers will be able to stand up a security data lake for security operations (data ingestion, detection, investigation and response) in just a few clicks using Hunters SOC Platform.
Hunters SOC Platform is an alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources, including endpoint telemetry, network traffic, identity, and cloud infrastructure.
With its built-in integration capabilities, Hunters makes it easy for security teams to ingest security data, with no need to engineer, deploy and maintain ingestion pipelines.
The platform delivers Detection Engineering as a Service, eliminating the repetitive security engineering work for all the common security use cases and removing the need to set up and maintain detection rules, so security teams can focus on the use cases that are unique to their organization.
The platform also automates cross-correlation and investigation to reduce mean time to respond (MTTR) and the time to contain threats.
The Databricks Lakehouse is a cloud-native data platform that combines the benefits of data lakes and data warehouses as a unified solution for all major data workloads. With its analytics and machine learning capabilities, the Databricks Lakehouse provides a single platform for managing, processing, and analyzing large volumes of data.
“Hunters and Databricks are the perfect match for advanced detection on a lakehouse architecture and we’re just getting started. This integration opens the flood gates to future advanced detection pipelines using ML/AI capabilities in the Databricks Lakehouse,” said Fermín Serna, CSO at Databricks.
Security data lakes have brought with them a paradigm shift in security operations. They support the ingestion of massive volumes and varieties of data, at the speed of the cloud, and allow security platforms to run advanced analytics, including AI/ML, on top of them with reduced complexity and at a predictable cost. Security operations shouldn’t live in a silo, but rather be where the rest of the organization’s data resides.
The security market has been conditioned to expect that more data means more people, time, and costs to address threats. Hunters shifts that paradigm by leveraging the leading modern data platforms and their powerful scale and cost efficiencies: they provide unlimited data ingestion and storage at a predictable cost, using a pricing model that is based on compute and not storage.
Security teams shouldn’t be forced to make the hard decision of what data to store and for how long, but rather have it all readily available without taxing the security budget.
“We are thrilled to announce this integration with the Databricks Lakehouse and our enhanced partnership with Databricks,” said Uri May, CEO of Hunters.
“At Hunters, we’re committed to the premise that data storage and analytics should be decoupled. Cybersecurity is a big data problem, and yet security teams shouldn’t be spending their time working on data engineering problems like ingestion and preparing the data for security analytics. By integrating with leading data-focused technologies like the Databricks Lakehouse, we are enabling our customers to gain deeper insights into their organization’s security and respond to threats more quickly and effectively, bringing their security data lake of choice,” May concluded.
– Help Net Security