Banks and insurance companies lose billions of dollars every year to fraud.
Traditional methods of fraud detection play an important role in minimizing
these losses. However, increasingly sophisticated fraudsters have developed a
variety of ways to elude discovery, both by working together and by
leveraging various other means of constructing false identities.
Graph databases offer new methods of uncovering fraud rings and other
sophisticated scams with a high level of accuracy, and are capable of
stopping advanced fraud scenarios in real time.
While no fraud prevention measures can ever be perfect, significant
improvement can be achieved by looking beyond the individual
data points to the connections that link them. Oftentimes these connections
go unnoticed until it is too late, which is unfortunate, as these
connections oftentimes hold the... (more)
Last time we saw the difficulty in Predictive Rightsizing, a
frustrating exercise based on "guesstimation" aimed at predicting
future SLA in an ever-changing business environment...
So what's the answer?
The solution is a truly dynamic, elastic, real-time on-demand SLA with
provisioning that is transparent to the users.
Provided that you stay within some reasonable boundaries, you can use as many
resources as you need, or as few as required, ramping up and slowing down
resource usage, without having to provision SLA in advance of usage.
This is the ul... (more)
Are we growing immune to bad news about security breaches?
I sure hope not, although it's hard to keep up with all of them.
Did you read about the Blippy Data Breach at http://bit.ly/cyR5aU?
You know, Blippy, that up-and-coming startup that allowed very sensitive
information to leak out and then tried to downplay the incident. Not good.
And when their users fled and tried to cancel service, their canceling
service went down. Oops...
Blippy should have known better, too... their business model is based on
manipulating very sensitive data - including credit card information. And
Rule-based log correlation is based on modeling attack scenarios
Back to the visibility aspect.
"By managing all your logs you get universal visibility in everything that is
happening in your IT infrastructure." Yes, this is a true statement.
But to claim that you can easily flag security attacks using rule-based
correlation is a major overstatement.
Rule-based correlation essentially automates the "If this is happening here"
and "That is happening there" then "We have a problem." More precisely, "If
this precise event is taking place at this particular time in this specific
We saw what typically happens when trying to use static rule-based log
correlation to perform real-time incident management... combinatorial explosion
and lack of scalability. How do you automate non-deterministic attacks in a
few discrete steps???
Today, we'll look at more scenarios for which static rule-based log
correlation doesn't make sense.
Attack Scenario Example 2: Brute Force Attack
Let's look at another example scenario: a brute force attack.
- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)