Data overload is one of the biggest challenges facing security teams, but German startup Tenzir thinks it has the solution: security data operations, or SecDataOps.

"We are bringing open-source security data pipelines to market," Tenzir founder and CEO Matthias Vallentin tells Security Weekly's Mandy Logan at the Black Hat 2023 security conference last week. "Think of it as a mechanism to acquire, enrich, route security data, get it from A to B."

Security teams are being overwhelmed by the amount of telemetry they have to ingest and process, Vallentin explains, and security tools such as SIEMs can't keep up.

"The amount of data we consume is just exponentially skyrocketing," Vallentin says, with security tools "basically collapsing under the load."

At the same time, he says, the need for even more data grows as attackers become more sophisticated and the number of signals required to spot attacker activity increases.

"We have to be smarter in our detections to find them, and that requires more data," Vallentin says.

SecDataOps is an open-source approach to reducing, managing and redirecting that data, Vallentin says, through reshaping, filtering, pre-processing, compaction and deduplication.

"SecDataOps is really an operating model," he explains. "[It's] a way to think about leveraging the data, to build data, to build out security use cases from a data-flow perspective."

He's bringing it to market because he doesn't expect security practitioners to suddenly take up data as a new task.

"Security teams don't have data engineers by default," Vallentin says. "That's usually a different skill."

This segment is sponsored by Tenzir. Visit https://securityweekly.com/tenzirbh to learn more about them!

The full interview is above. Notable points along the way:

00:00 - Mandy Logan, Pulse Security Weekly, Matthias Vallentin, Tenzir
00:17 - Black Hat experience smooth, new tool launches
00:37 - Tenzir: Open-source security data pipeline
03:45 - Data engineering challenges for security teams
06:03 - Data wrangling for security teams
10:50 - Security data pipelines empower agile use cases
13:22 - Node-based security data pipelines: flexible, cost-effective
14:41 - Future-proof security operations for data aggregation
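To make the pipeline stages Vallentin lists concrete (reshaping, filtering, pre-processing/enrichment, deduplication and routing from A to B), here is an added example of a minimal security data pipeline in Python. It is not Tenzir's code or its pipeline language; the firewall and EDR events, the two vendor schemas, the `SUSPICIOUS_IMAGES` watchlist and the `siem`/`archive` sinks are all constructed for illustration.

```python
import hashlib
import json
from typing import Callable, Iterable, Iterator

Event = dict
Stage = Callable[[Iterable], Iterator[Event]]

# Constructed sample telemetry: two vendor formats arriving at one ingress.
# Line 3 is an exact duplicate of line 2; lines 1 and 6 are firewall heartbeats.
RAW_EVENTS = [
    '{"src":"fw","ts":"2023-08-10T12:00:00Z","action":"allow","src_ip":"10.0.0.5","dst_ip":"10.0.0.9","msg":"heartbeat"}',
    '{"src":"fw","ts":"2023-08-10T12:00:01Z","action":"deny","src_ip":"198.51.100.7","dst_ip":"10.0.0.9","msg":"blocked inbound"}',
    '{"src":"fw","ts":"2023-08-10T12:00:01Z","action":"deny","src_ip":"198.51.100.7","dst_ip":"10.0.0.9","msg":"blocked inbound"}',
    '{"source":"edr","@timestamp":"2023-08-10T12:00:02Z","event":"process_create","host":"ws01","image":"powershell.exe"}',
    '{"source":"edr","@timestamp":"2023-08-10T12:00:03Z","event":"process_create","host":"ws01","image":"notepad.exe"}',
    '{"src":"fw","ts":"2023-08-10T12:00:04Z","action":"allow","src_ip":"10.0.0.5","dst_ip":"10.0.0.9","msg":"heartbeat"}',
]

# Hypothetical watchlist used by the enrichment stage (constructed, not a real feed).
SUSPICIOUS_IMAGES = {"powershell.exe", "mshta.exe"}


def parse(lines: Iterable[str]) -> Iterator[Event]:
    """Acquire: turn raw JSON lines into dicts, dropping malformed input instead of crashing."""
    for line in lines:
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def reshape(events: Iterable[Event]) -> Iterator[Event]:
    """Reshape: map both vendor schemas onto one common shape; unknown schemas are dropped."""
    for e in events:
        if e.get("src") == "fw":
            yield {"time": e["ts"], "source": "firewall", "kind": e["action"],
                   "fields": {"src_ip": e["src_ip"], "dst_ip": e["dst_ip"], "msg": e["msg"]}}
        elif e.get("source") == "edr":
            yield {"time": e["@timestamp"], "source": "endpoint", "kind": e["event"],
                   "fields": {"host": e["host"], "image": e["image"]}}


def drop_noise(events: Iterable[Event]) -> Iterator[Event]:
    """Filter: heartbeat 'allow' records carry no detection value and cost SIEM volume."""
    for e in events:
        if e["source"] == "firewall" and e["fields"].get("msg") == "heartbeat":
            continue
        yield e


def enrich(events: Iterable[Event]) -> Iterator[Event]:
    """Pre-process: attach a severity so downstream routing can be decided per record."""
    for e in events:
        if e["source"] == "firewall" and e["kind"] == "deny":
            e["severity"] = "medium"
        elif e["source"] == "endpoint" and e["fields"].get("image") in SUSPICIOUS_IMAGES:
            e["severity"] = "high"
        else:
            e["severity"] = "low"
        yield e


def dedup(events: Iterable[Event]) -> Iterator[Event]:
    """Deduplicate: drop records whose canonical JSON hash was already seen."""
    seen = set()
    for e in events:
        key = hashlib.sha256(json.dumps(e, sort_keys=True).encode()).hexdigest()
        if key in seen:
            continue
        seen.add(key)
        yield e


def route(events: Iterable[Event], sinks: dict) -> dict:
    """Route: everything goes to cheap archive storage; only actionable records reach the SIEM."""
    for e in events:
        sinks["archive"].append(e)
        if e["severity"] in ("high", "medium"):
            sinks["siem"].append(e)
    return sinks


DEFAULT_STAGES = [parse, reshape, drop_noise, enrich, dedup]


def run_pipeline(lines: Iterable[str], stages=DEFAULT_STAGES) -> dict:
    """Chain the stages lazily (generators) and collect the routed output per sink."""
    stream = lines
    for stage in stages:
        stream = stage(stream)
    return route(stream, {"siem": [], "archive": []})


if __name__ == "__main__":
    out = run_pipeline(RAW_EVENTS)
    for sink, records in out.items():
        print(f"{sink}: {len(records)} record(s)")
        for r in records:
            print("  ", json.dumps(r))
```

Of the six constructed input lines, two heartbeats are filtered and one exact duplicate is collapsed, so three records reach the archive and only the two with medium or high severity reach the SIEM. Each stage is a generator, so the pipeline streams rather than buffering the whole feed, which is the property that matters when volume is the problem.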
Paul Wagenseil is a custom content strategist for CyberRisk Alliance, leading creation of content developed from CRA research and aligned to the most critical topics of interest for the cybersecurity community. He previously held editor roles focused on the security market at Tom’s Guide, Laptop Magazine, TechNewsDaily.com and SecurityNewsDaily.com.