Securonix powers next-gen SIEM with Ahana Cloud for Presto and open data lake analytics
Ransomware attacks such as the one suffered recently by the Colonial Pipeline Co., which shut down the pipeline supplying oil to America’s East Coast for five days, are increasingly common and require companies to be prepared to respond quickly once a risk arises.
The hybrid cloud security specialist Securonix Inc. has partnered with Ahana Cloud Inc., the commercial curator of the Presto distributed query engine, to leverage open data lake analytics within its next-generation SIEM, or security information and event management, and deliver real-time security insights for business, according to Sachin Nayyar, chief executive officer of Securonix.
“Securonix on the cloud brings together all the data, then runs purpose-built analytics on it,” he said. “We are today pulling in several million events per second from our customers, and we provide just a very small handful of events and reduce the false positives so that people can focus on them.”
Nayyar and Steven Mih, co-founder and chief executive officer of Ahana, spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the AWS Startup Showcase: The Next Big Things in AI, Security & Life Sciences. They discussed increasingly sophisticated and dangerous cyberattacks, how Securonix leverages advanced analytics to protect customers against cybercriminals and the role of the Ahana Cloud for Presto engine in enabling this solution in open data lakes. (* Disclosure below.)
Gathering data from a hybrid architecture
Seeking greater efficiency, agility and scalability, companies are increasingly moving to the cloud and building complex, hybrid IT architectures. To deliver a comprehensive security solution for these infrastructures, it is necessary to embrace data across on-premises, in the cloud and at the edge, bringing it all together into a security data lake and then running purpose-built analytics on top of that, according to Nayyar.
The data lake must be built in the cloud to be able to hold massive amounts of data. That is where Amazon S3-based data lakes come in, “which are the easiest, cheapest, commodified place to put all this data,” according to Mih.
For Securonix to deliver its intelligent cyber solution, it needs to give customers the ability to search that data across vast data lakes, and that is made possible by the Presto search engine, curated by Ahana.
Presto is an open-source distributed SQL query engine that is known for its ability to query multiple sources — including those containing both structured and unstructured data — and return results without requiring extract databases or extract/transform/load procedures. Originally built by Facebook Inc., it was released to open source in 2015 and is incubated by the Presto Foundation as a project within the Linux Foundation.
“It was built to replace the complicated Hadoop stack in order to then drive analytics at very lightning-fast queries on large, large sets of data,” Mih explained. “And so Presto fits in with this open data lake analytics movement, which has made Presto one of the fastest-growing projects out there.”
According to Ahana, an Open Data Lake Analytics approach is a technology stack that includes open source, open formats, open interfaces and open cloud, a preferred approach for companies that want to avoid proprietary formats and technology lock-in that come with traditional data warehouses.
12 months of high-speed searchable data
In partnership with Ahana, Securonix hopes to continue improving its data search capabilities and therefore its cybersecurity solutions.
“With something like this, very soon, we will be able to offer our customers 12 months of data searchable at extremely fast speeds at very reasonable price points, and you will own your own data,” Nayyar said.
When looking for an engine to work in S3-based data lakes, Securonix was certain it could not rely on a small company that could be acquired at any time and cause a service disruption. As such, the open-source Presto seemed like a good fit.
“We know there is a community behind it, and it will be kind of available for us to use and we will be able to contribute in it for the long term,” Nayyar explained.
Another critical point in this choice is that Securonix believes customers should own their data, rather than being locked into proprietary formats as in the past, and a data search engine like Presto scales independently of storage.
“Then when we start looking at Presto, we came across Ahana,” Nayyar said. “For every open-source system, you definitely need a sort of a for-profit company that invests in the community and then that takes the community forward, because without a company like this, the community will die.”
In addition to giving businesses the flexibility to choose the storage they want, Presto promises to reduce analytics costs and make the operations team’s job easier. It only takes one or two people to run Presto, and they can get up to speed quickly, starting their move to an open data lake analytics architecture, according to Mih.
“That architecture … is the one that is at Facebook, Uber, Twitter, other large web-scale, internet-scale companies,” he said. “And with the amount of data that’s occurring, that’s now becoming the standard architecture for everyone else in the future.”
(* Disclosure: Ahana Cloud sponsored this segment of theCUBE. Neither Ahana Cloud nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)