Anyone who uses a personal computer with a firewall knows that however secure that system may be, it’s not particularly smart. Yes it blocks threats, but it tends not to reveal much about them — and it sometimes blocks perfectly innocent applications. Likewise, businesses with very large assets at risk have traditionally had to make do with firewalls and all their imperfections. Now some vendors are stepping up their game and using data to develop brainier enterprise security systems.

Ram Varadarajan, founder, chairman and CEO of Acalvio Technologies, said the firewall is like the lock on a door — it can keep out intruders, but it doesn’t give much intelligence on them. He said his company has developed a tool called Deception that does more.

“Think of it as a motion detector for your enterprise,” he told John Furrier (@furrier) and John Walls (@JohnWalls21), cohosts of theCUBE, from the SiliconANGLE Media team, during Splunk.conf 2016.

Haystack, meet metal detector

“We want the anomaly to announce itself,” he said. Further, using Splunk data tools, the company can then glean information on the attacker.

“We actually go and mine for specific information without having to build an ocean of data,” Varadarajan said. “We just need to follow a thread.”

Forensic data science

The data-centric approach has another benefit over simply bolting the doors, so to speak, with a firewall, Varadarajan stated.

When an attacker touches a decoy, “we can actually trace the path the attacker took in order to reach the decoy,” he said, adding that feeding this information back into the system makes it smarter. “If you know the patterns of the attackers, you can set the decoys in clever ways.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of Splunk.conf 2016.

Photo by SiliconANGLE