SlideShare a Scribd company logo

Threat Detection and Response at Scale with Dominique Brezinski

Databricks, profile picture
Databricks

The document discusses Apple's information security focus on threat detection and response via a data platform approach that manages diverse threats and data sets. It highlights the scale of operations, with over 300 billion events processed daily and an architecture enabling efficient data ingestion and analytics. The document also emphasizes data reduction techniques that significantly lessen the volume of data scanned for analysis.

Data & Analytics
Related topics:
Apache Spark
1 of 25
Downloaded 142 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Dominique Brezinski — Apple Information Security • Threat Detection and Response • at Scale
This is about the data platform aspect, not the specific analytics
Agenda • Use Cases, Scale, • and Challenges/Solutions
Threat Detection and Response at Scale with Dominique Brezinski
Enabling Detection and Analytics
Diverse threats require diverse data sets
Streams (left joined) with context and filtered or (inner joined) with indicators
Large time window, multi-dataset graphs
Enabling Triage and Containment
Search and Query
WHERE date > current_date() - 30 days
Scale
Threat Detection and Response at Scale with Dominique Brezinski
>100TB new data a day
>300 billion events per day
Most queried table: 504,761,911,529,518 bytes, 11,149,012,553,409 rows Yeah, trillions!
Streaming Ingestion Architecture
Threat Detection and Response at Scale with Dominique Brezinski
Threat Detection and Response at Scale with Dominique Brezinski
Threat Detection and Response at Scale with Dominique Brezinski
Threat Detection and Response at Scale with Dominique Brezinski
Threat Detection and Response at Scale with Dominique Brezinski
Threat Detection and Response at Scale with Dominique Brezinski
WHERE src_ip = x AND dst_ip = y Total data size: 504 terabytes, 11,149,387,374,965 rows Scanned data size: 36.5 terabytes, 722,630,063,648 rows Additional reduction thanks to data skipping (bytes): 92.4% Additional reduction thanks to data skipping (rows): 93.2%
Simple. Unified.

More Related Content

PDF
Apache Hadoop Tutorial | Hadoop Tutorial For Beginners | Big Data Hadoop | Ha...
Edureka!
 
PDF
Parquet performance tuning: the missing guide
Ryan Blue
 
PPTX
Mining Data Streams
SujaAldrin
 
PDF
Spark shuffle introduction
colorant
 
PDF
The Parquet Format and Performance Optimization Opportunities
Databricks
 
PDF
Introduction to Stream Processing
Guido Schmutz
 
PPTX
Myths of Big Partitions (Robert Stupp, DataStax) | Cassandra Summit 2016
DataStax
 
PPTX
Apache Flink and what it is used for
Aljoscha Krettek
 
Apache Hadoop Tutorial | Hadoop Tutorial For Beginners | Big Data Hadoop | Ha...
Edureka!
 
Parquet performance tuning: the missing guide
Ryan Blue
 
Mining Data Streams
SujaAldrin
 
Spark shuffle introduction
colorant
 
The Parquet Format and Performance Optimization Opportunities
Databricks
 
Introduction to Stream Processing
Guido Schmutz
 
Myths of Big Partitions (Robert Stupp, DataStax) | Cassandra Summit 2016
DataStax
 
Apache Flink and what it is used for
Aljoscha Krettek
 

What's hot (20)

PPTX
Apache flink
Ahmed Nader
 
PPTX
Object Storage Overview
Cloudian
 
PPTX
Hive, Presto, and Spark on TPC-DS benchmark
Dongwon Kim
 
PDF
Massive Data Processing in Adobe Using Delta Lake
Databricks
 
PDF
Apache Spark vs Apache Flink
AKASH SIHAG
 
PPTX
Big Data Analytics with Hadoop
Philippe Julio
 
PPTX
Real-time Hadoop: The Ideal Messaging System for Hadoop
DataWorks Summit/Hadoop Summit
 
PDF
What is Hadoop | Introduction to Hadoop | Hadoop Tutorial | Hadoop Training |...
Edureka!
 
PDF
Recent Object Detection Research & Person Detection
Kai-Wen Zhao
 
PPTX
Apache Spark Architecture
Alexey Grishchenko
 
PDF
Cheatsheet deep-learning
Steve Nouri
 
PPTX
Lessons Learned From Running 1800 Clusters (Brooke Jensen, Instaclustr) | Cas...
DataStax
 
PPTX
Hadoop Architecture | HDFS Architecture | Hadoop Architecture Tutorial | HDFS...
Simplilearn
 
PDF
Inside MongoDB: the Internals of an Open-Source Database
Mike Dirolf
 
PDF
Apache Spark Overview
Vadim Y. Bichutskiy
 
PPTX
Transformations and actions a visual guide training
Spark Summit
 
PPTX
Hive + Tez: A Performance Deep Dive
DataWorks Summit
 
PDF
Introduction to Big Data Analytics and Data Science
Data Science Thailand
 
PDF
Deep Dive: Memory Management in Apache Spark
Databricks
 
PDF
Apache Spark - Basics of RDD | Big Data Hadoop Spark Tutorial | CloudxLab
CloudxLab
 
Apache flink
Ahmed Nader
 
Object Storage Overview
Cloudian
 
Hive, Presto, and Spark on TPC-DS benchmark
Dongwon Kim
 
Massive Data Processing in Adobe Using Delta Lake
Databricks
 
Apache Spark vs Apache Flink
AKASH SIHAG
 
Big Data Analytics with Hadoop
Philippe Julio
 
Real-time Hadoop: The Ideal Messaging System for Hadoop
DataWorks Summit/Hadoop Summit
 
What is Hadoop | Introduction to Hadoop | Hadoop Tutorial | Hadoop Training |...
Edureka!
 
Recent Object Detection Research & Person Detection
Kai-Wen Zhao
 
Apache Spark Architecture
Alexey Grishchenko
 
Cheatsheet deep-learning
Steve Nouri
 
Lessons Learned From Running 1800 Clusters (Brooke Jensen, Instaclustr) | Cas...
DataStax
 
Hadoop Architecture | HDFS Architecture | Hadoop Architecture Tutorial | HDFS...
Simplilearn
 
Inside MongoDB: the Internals of an Open-Source Database
Mike Dirolf
 
Apache Spark Overview
Vadim Y. Bichutskiy
 
Transformations and actions a visual guide training
Spark Summit
 
Hive + Tez: A Performance Deep Dive
DataWorks Summit
 
Introduction to Big Data Analytics and Data Science
Data Science Thailand
 
Deep Dive: Memory Management in Apache Spark
Databricks
 
Apache Spark - Basics of RDD | Big Data Hadoop Spark Tutorial | CloudxLab
CloudxLab
 
Ad

Similar to Threat Detection and Response at Scale with Dominique Brezinski (20)

PDF
Data Management - Full Stack Deep Learning
Sergey Karayev
 
PDF
Dp%20 fudamentals%20%28ch1%29
Navid Abbaspour
 
PPTX
Big Data Lessons from the Cloud
MapR Technologies
 
PPT
Optim test data management for IMS 2011
evgeni77
 
PDF
Science cloud foster june 2013
Kirill Osipov
 
PPTX
Science as a Service: How On-Demand Computing can Accelerate Discovery
Ian Foster
 
PPTX
EMC Deduplication Fundamentals
emcbaltics
 
PPTX
Why 2015 is the Year of Copy Data - What are the requirements?
Storage Switzerland
 
PDF
ADV Slides: The Evolution of the Data Platform and What It Means to Enterpris...
DATAVERSITY
 
PPTX
Data science neural network project life cycle
Vincent Pommier
 
PPTX
Big Data DC - Analytics at Clearspring
abramsm
 
PPTX
Accelerating data-intensive science by outsourcing the mundane
Ian Foster
 
PPT
Data mining
Ujjwal Kumar
 
PPT
Final Ucat Ppt
lionqueen1985
 
PPTX
XLDB South America Keynote: eScience Institute and Myria
University of Washington
 
PDF
High Performance Data Analytics and a Java Grande Run Time
Geoffrey Fox
 
PPT
Scaling-up collections digitisation
Vince Smith
 
PPTX
Webinar: How Snapshots CAN be Backups
Storage Switzerland
 
PPTX
Achieving Real-time Ingestion and Analysis of Security Events through Kafka a...
Kevin Mao
 
PPTX
Overview of GovCloud Today
GovCloud Network
 
Data Management - Full Stack Deep Learning
Sergey Karayev
 
Dp%20 fudamentals%20%28ch1%29
Navid Abbaspour
 
Big Data Lessons from the Cloud
MapR Technologies
 
Optim test data management for IMS 2011
evgeni77
 
Science cloud foster june 2013
Kirill Osipov
 
Science as a Service: How On-Demand Computing can Accelerate Discovery
Ian Foster
 
EMC Deduplication Fundamentals
emcbaltics
 
Why 2015 is the Year of Copy Data - What are the requirements?
Storage Switzerland
 
ADV Slides: The Evolution of the Data Platform and What It Means to Enterpris...
DATAVERSITY
 
Data science neural network project life cycle
Vincent Pommier
 
Big Data DC - Analytics at Clearspring
abramsm
 
Accelerating data-intensive science by outsourcing the mundane
Ian Foster
 
Data mining
Ujjwal Kumar
 
Final Ucat Ppt
lionqueen1985
 
XLDB South America Keynote: eScience Institute and Myria
University of Washington
 
High Performance Data Analytics and a Java Grande Run Time
Geoffrey Fox
 
Scaling-up collections digitisation
Vince Smith
 
Webinar: How Snapshots CAN be Backups
Storage Switzerland
 
Achieving Real-time Ingestion and Analysis of Security Events through Kafka a...
Kevin Mao
 
Overview of GovCloud Today
GovCloud Network
 
Ad

More from Databricks (20)

PPTX
DW Migration Webinar-March 2022.pptx
Databricks
 
PPTX
Data Lakehouse Symposium | Day 1 | Part 1
Databricks
 
PPT
Data Lakehouse Symposium | Day 1 | Part 2
Databricks
 
PPTX
Data Lakehouse Symposium | Day 2
Databricks
 
PPTX
Data Lakehouse Symposium | Day 4
Databricks
 
PDF
5 Critical Steps to Clean Your Data Swamp When Migrating Off of Hadoop
Databricks
 
PDF
Democratizing Data Quality Through a Centralized Platform
Databricks
 
PDF
Learn to Use Databricks for Data Science
Databricks
 
PDF
Why APM Is Not the Same As ML Monitoring
Databricks
 
PDF
The Function, the Context, and the Data—Enabling ML Ops at Stitch Fix
Databricks
 
PDF
Stage Level Scheduling Improving Big Data and AI Integration
Databricks
 
PDF
Simplify Data Conversion from Spark to TensorFlow and PyTorch
Databricks
 
PDF
Scaling your Data Pipelines with Apache Spark on Kubernetes
Databricks
 
PDF
Scaling and Unifying SciKit Learn and Apache Spark Pipelines
Databricks
 
PDF
Sawtooth Windows for Feature Aggregations
Databricks
 
PDF
Redis + Apache Spark = Swiss Army Knife Meets Kitchen Sink
Databricks
 
PDF
Re-imagine Data Monitoring with whylogs and Spark
Databricks
 
PDF
Raven: End-to-end Optimization of ML Prediction Queries
Databricks
 
PDF
Processing Large Datasets for ADAS Applications using Apache Spark
Databricks
 
PDF
Machine Learning CI/CD for Email Attack Detection
Databricks
 
DW Migration Webinar-March 2022.pptx
Databricks
 
Data Lakehouse Symposium | Day 1 | Part 1
Databricks
 
Data Lakehouse Symposium | Day 1 | Part 2
Databricks
 
Data Lakehouse Symposium | Day 2
Databricks
 
Data Lakehouse Symposium | Day 4
Databricks
 
5 Critical Steps to Clean Your Data Swamp When Migrating Off of Hadoop
Databricks
 
Democratizing Data Quality Through a Centralized Platform
Databricks
 
Learn to Use Databricks for Data Science
Databricks
 
Why APM Is Not the Same As ML Monitoring
Databricks
 
The Function, the Context, and the Data—Enabling ML Ops at Stitch Fix
Databricks
 
Stage Level Scheduling Improving Big Data and AI Integration
Databricks
 
Simplify Data Conversion from Spark to TensorFlow and PyTorch
Databricks
 
Scaling your Data Pipelines with Apache Spark on Kubernetes
Databricks
 
Scaling and Unifying SciKit Learn and Apache Spark Pipelines
Databricks
 
Sawtooth Windows for Feature Aggregations
Databricks
 
Redis + Apache Spark = Swiss Army Knife Meets Kitchen Sink
Databricks
 
Re-imagine Data Monitoring with whylogs and Spark
Databricks
 
Raven: End-to-end Optimization of ML Prediction Queries
Databricks
 
Processing Large Datasets for ADAS Applications using Apache Spark
Databricks
 
Machine Learning CI/CD for Email Attack Detection
Databricks
 

Recently uploaded (20)

PPTX
Managing Community Partner Relationships
alexmderr
 
PPTX
retention in jsjsksksksnbsndjddjdnFPD.pptx
JayeshTaneja4
 
PDF
How to run a consulting project- client discovery
P&CO
 
PDF
Introduction to Data Science and Data Analysis
Suraj Patil
 
PPTX
IMPACT OF LANDSLIDE.....................
shinjanmandal111
 
PPTX
sac 451hinhgsgshssjsjsjheegdggeegegdggddgeg.pptx
Akash486765
 
PDF
Data Engineering Interview Questions & Answers Batch Processing (Spark, Hadoo...
Mindbox Trainings
 
PDF
Global Data and Analytics Market Outlook Report
ssuser11803e
 
PDF
Jean-Georges Perrin - Spark in Action, Second Edition (2020, Manning Publicat...
Pablo Jose Prieto Entenza
 
PDF
Data Engineering Interview Questions & Answers Cloud Data Stacks (AWS, Azure,...
Mindbox Trainings
 
PDF
Optimise Shopper Experiences with a Strong Data Estate.pdf
Prasad Chandane
 
PDF
Microsoft Core Cloud Services powerpoint
KamelAbouSaleh1
 
PPTX
SAP 2 completion done . PRESENTATION.pptx
POORNIMAN26
 
PPTX
modul_python (1).pptx for professional and student
putusurya12
 
PPTX
(Ali Hamza) Roll No: (F24-BSCS-1103).pptx
fb7654821
 
PDF
Business Analytics and business intelligence.pdf
khalidisah4750
 
PDF
168300704-gasification-ppt.pdfhghhhsjsjhsuxush
sriram270905
 
PPTX
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
DOCX
Factor Analysis Word Document Presentation
SoeMoe58
 
PPTX
AI Strategy room jwfjksfksfjsjsjsjsjfsjfsj
ankitpratapsingh28
 
Managing Community Partner Relationships
alexmderr
 
retention in jsjsksksksnbsndjddjdnFPD.pptx
JayeshTaneja4
 
How to run a consulting project- client discovery
P&CO
 
Introduction to Data Science and Data Analysis
Suraj Patil
 
IMPACT OF LANDSLIDE.....................
shinjanmandal111
 
sac 451hinhgsgshssjsjsjheegdggeegegdggddgeg.pptx
Akash486765
 
Data Engineering Interview Questions & Answers Batch Processing (Spark, Hadoo...
Mindbox Trainings
 
Global Data and Analytics Market Outlook Report
ssuser11803e
 
Jean-Georges Perrin - Spark in Action, Second Edition (2020, Manning Publicat...
Pablo Jose Prieto Entenza
 
Data Engineering Interview Questions & Answers Cloud Data Stacks (AWS, Azure,...
Mindbox Trainings
 
Optimise Shopper Experiences with a Strong Data Estate.pdf
Prasad Chandane
 
Microsoft Core Cloud Services powerpoint
KamelAbouSaleh1
 
SAP 2 completion done . PRESENTATION.pptx
POORNIMAN26
 
modul_python (1).pptx for professional and student
putusurya12
 
(Ali Hamza) Roll No: (F24-BSCS-1103).pptx
fb7654821
 
Business Analytics and business intelligence.pdf
khalidisah4750
 
168300704-gasification-ppt.pdfhghhhsjsjhsuxush
sriram270905
 
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
Factor Analysis Word Document Presentation
SoeMoe58
 
AI Strategy room jwfjksfksfjsjsjsjsjfsjfsj
ankitpratapsingh28
 

Threat Detection and Response at Scale with Dominique Brezinski