Last time, we saw that the biggest impediments to Cloud Provider's adoption
are Trust and Visibility.
Today, we'll look at the difficulty of predictive rightsizing, and how
elasticity is one of the biggest value proposition of Cloud Providers.
One advantage of Cloud Computing is elasticity with self-provisioning, which
provides a level of flexibility that didn't exist with traditional Managed
Service Providers, and which also allows the selection of a level of service
and performance that is close to what is needed.
With "traditional" MSPs (Managed Service Providers) and outsourcers, a client
would typically negotiate a 3-year contract. Each year, the client would
agree on a static SLA (Service Level Agreement) for the next 12 months and it
would be extremely difficult to change this SLA during the year.
It was always a painful exercise to calculate and approximate wh... (more)
Cloud Computing on Ulitzer
Last time we saw the difficulty in Predictive Rightsizing, a
frustrating exercize based on "guesstimation" aimed at predicting
future SLA in an everchanging business environment...
So what's the answer?
The solution is a truly dynamic, elastic, real-time on-demand SLA with a
provisioning that is transparent to the users.
Provided that you stay within some reasonable boundaries, you can use as many
resources as you need, or as few as required, ramping up and slowing down
resource usage, without having to provision SLA in advance of usage.
This is the ul... (more)
We saw what typically happens when trying to use static rule-based log
correlation to perform real-time incident management... combinatory explosion
and lack of scalability. How do you automate non-deterministic attacks in a
few discrete steps???
Today, we'll look at more scenarios for which static rule-based log
correlation doesn't make sense.
Attack Scenario Example 2: Brute Force Attack
Let's look at another example scenario. Brute Force Attack.
- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)
During these past few weeks, we have looked at several reasons why a static
rule based correlation is not the "SOC in a Box", end-all be all that many
thought it was.
Indeed what to think about a "solution" that:
Can only address a very limited set of attack scenarios Requires meticulous
consideration on how to map out the few selected attack scenarios Doesn't
guarantee you to catch attacks in progress even when one of the few selected
scenario is taking place Obliges you to think of minute details to slightly
reduce false positives Yields hundreds and thousands of basic correlat... (more)
Banks and Insurance companies lose billions of dollars every year to fraud.
Traditional methods of fraud detection play an important role in minimizing
these losses. However increasingly sophisticated fraudsters have developed a
variety of ways to elude discovery, both by working together and by
leveraging various other means of constructing false identities.
Graph databases offer new methods of uncovering fraud rings and other
sophisticated scams with a high-level of accuracy, and are capable of
stopping advanced fraud scenarios in real-time.
While no fraud prevention measures c... (more)