So this week I had some great conversations with some of the really smart people. The one that I just learn every day from is my partner in crime Mike. This week he has been helping me to understand what are the best options for our Capstone. There are just so many things out there but just not one that does exactly what we are looking to do. So how do you bring the best of these things together to make your vision a reality?
There are many teams out there looking for opportunities to do just that. Mike had the opportunity of going out to the REN-ISAC yesterday to see what they have been doing to at least automate the ingestion and analysis of data...a necessary first step I think if you are going to get to the point of predictive analytics - you need lots of data and time for that data to start showing trends that can then translate into predictions. Now I can use the knowledge he gained as another tool in our toolbox for our project.
The REN-ISAC is using the crowd-sourcing approach to solving the network defense, incident response, and analysis problems. They have moved away from the traditional structured reporting process to a more collaborative, federated approach of ingesting data from multiple sources and letting trends over time and the level of interest in the data direct action - severity, confidence, and do other people care factors. Hopefully, as their project continues to develop, this paradigm shift will catch on across the cybersecurity community