This stage of security is not only about detecting known threats but also about using the cloud, big data analysis, and machine learning to prevent unknown threats and to enable the system to take proactive protective action. Key characteristics of this stage are:
- Fully or mostly automated security testing through the whole development cycle
- Applying big data analysis and machine learning to identify abnormal behavior or unknown threats
- Proactive security action is taken automatically for security events, for example, the deployment of WAF rules or the deployment of a virtual patch
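
To make the last two characteristics concrete, the following Python example (added here, not from the original text) flags clients whose failed-login count is far above the baseline of all other clients and turns each one into a deny-rule record for an automated deployment step. The log line format, the 3.5 cut-off on the median/MAD score, and the rule fields are assumptions chosen for illustration; the rule record is product-neutral and not any WAF's real syntax.

```python
import re
from collections import Counter
from statistics import median

LINE_RE = re.compile(r'^(\S+) "(\S+) (\S+)" (\d{3})$')

def build_sample_log():
    """Constructed sample data (documentation IP ranges), not real traffic."""
    failures = {"192.0.2.10": 2, "192.0.2.11": 1, "192.0.2.12": 3, "192.0.2.13": 2,
                "192.0.2.14": 0, "192.0.2.15": 4, "203.0.113.77": 60}
    lines = []
    for ip, n in failures.items():
        lines.append(f'{ip} "GET /index.html" 200')
        lines += [f'{ip} "POST /login" 401'] * n
    return lines

def failed_logins(lines):
    """Count 401 responses on /login per client; clients with none count as 0."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing the whole batch
        ip, _method, path, status = m.groups()
        counts[ip] += int(path == "/login" and status == "401")
    return counts

def abnormal_clients(counts, threshold=3.5):
    """Flag clients whose robust z-score (median/MAD) exceeds the threshold."""
    if len(counts) < 5:
        return []  # too few clients to form a baseline
    values = list(counts.values())
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0  # floor avoids divide-by-zero
    return sorted(ip for ip, v in counts.items() if 0.6745 * (v - med) / mad > threshold)

def waf_rules(ips, path="/login", ttl_seconds=3600):
    """Hypothetical, product-neutral rule records for an automated deployment step."""
    return [{"action": "deny", "src_ip": ip, "path": path, "ttl_seconds": ttl_seconds,
             "reason": "failed-login count far above baseline"} for ip in ips]

if __name__ == "__main__":
    for rule in waf_rules(abnormal_clients(failed_logins(build_sample_log()))):
        print(rule)
```

The median/MAD score is used instead of mean and standard deviation because a single extreme client would otherwise inflate the baseline it is being compared against; the time-limited `ttl_seconds` field keeps an automatically deployed rule from becoming permanent without review.
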
Typical open source technical components in big data analysis frameworks include the following:
- Flume, Log ...