IKANOW 2.0 offers multi-tenancy, enterprise scalability and can be customized to the precise needs of each user.
Risk event screen of the IKANOW 2.0 information security analytics platform.
A Virginia software developer announced today the release of what’s billed as the first open source information security analytics tool for managed security services providers (MSSP) and enterprise.
IKANOW says its new platform features multi-tenancy, enterprise scalability and is fully customizable.
Like elsewhere in the technology world, open source tools for managed services providers (MSPs) are gaining traction.
First, the collaborative open source development process fosters more rapid improvement of the product and drives faster innovation. Also, a segment market of the wants and needs the ability to tailor software to their precise needs.
But information security solutions have remained stubbornly proprietary and closed, slowing their development and making them more difficult to integrate with new data sources.
“It is apparent that the proprietary bias of security software vendors imposes serious limitations when attempting to apply analytics to identify information security breaches and threats,” the IKANO website says. “The closed solutions cannot handle the scale or the need to quickly integrate with a large number of data sources.”
IKANOW founders said they set out to build a company where open source analytics capable of handling big data could be used to help organizations find answers to critical questions.
The new solution relies on open source technologies like MongoDB, Spark and Hadoop, the company said.
Big data security analytics tools are seen as an increasingly important approach to cybersecurity.
“These platforms allow enterprises to capture data from multiple, varied data sources, integrate that data in near real time, analyze patterns and detect malicious activity as well as monitor, report and conduct forensic investigations,” systems architect Dan Sullivan wrote in a blog post for TechTarget.
The IKANOW solution collects, correlates and analyzes data from security information and event management (SIEM), threat intelligence, asset, endpoint, Netflow, packet capture, and other internal and external sources.
“It is at the intersection of these data sources that previously undetected hacker activity can often be exposed,” Manoj Srivastava, IKANOW’s vice president of engineering, said in a statement.
The tool’s multi-tenant architecture allows for management of multiple clients from a single instance on a single dashboard, a functionality the firm says is increasingly in demand by both third-party service providers and enterprise customers.
“Large enterprises often need to duplicate information security infrastructure when network topologies are segmented by business unit or geography,” Srivastava said. “Multi-tenant security analytics is an important capability for both enterprise users and MSSPs.”
Send tips and news to MSPmentorNews@Penton.com.