Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data

Information Security Analytics gives you insights into the practice of analytics and, more importantly, how you can utilize analytic techniques to identify trends and outliers that may not be possible to identify using traditional security analysis techniques.

Information Security Analytics dispels the myth that analytics within the information security domain is limited to just security incident and event management systems and basic network analysis. Analytic techniques can help you mine data and identify patterns and relationships in any form of security data. Using the techniques covered in this book, you will be able to gain security insights into unstructured big data of any type.

The authors of Information Security Analytics bring a wealth of analytics experience to demonstrate practical, hands-on techniques through case studies and using freely-available tools that will allow you to find anomalies and outliers by combining disparate data sets. They also teach you everything you need to know about threat simulation techniques and how to use analytics as a powerful decision-making tool to assess security control and process requirements within your organization. Ultimately, you will learn how to use these simulation techniques to help predict and profile potential risks to your organization.

Written by security practitioners, for security practitionersReal-world case studies and scenarios are provided for each analytics techniqueLearn about open-source analytics and statistical packages, tools, and applicationsStep-by-step guidance on how to use analytics tools and how they map to the techniques and scenarios providedLearn how to design and utilize simulations for "what-if" scenarios to simulate security events and processesLearn how to utilize big data techniques to assist in incident response and intrusion analysis

Chapter 1: Analytics Defined

Chapter 2: Primer on Analytics Software and Tools

Chapter 3: Analytics and Incident Response

Chapter 4: Simulations and Security Processes

Chapter 5: Access Analytics

Chapter 6: Technical Risk Profiling

Chapter 7: Security Intelligence and Next Steps