User Guide
Copyright © 2012-2017 Hortonworks, Inc.
Except where otherwise noted, this document is licensed under the Creative Commons Attribution ShareAlike 4.0 License.
2017-04-13
Abstract
Hortonworks Cybersecurity Package (HCP) is a modern data application based on Apache Metron, powered by Apache Hadoop, Apache Storm, and related technologies.
HCP provides a framework and tools to enable greater efficiency in Security Operation Centers (SOCs), along with better and faster threat detection in real time at massive scale. It provides ingestion, parsing, and normalization of fully enriched, contextualized data, as well as threat intelligence feeds, triage, and machine-learning-based detection. It also provides near-real-time dashboards for end users.
Based on a strong foundation in the Hortonworks Data Platform (HDP) and Hortonworks DataFlow (HDF) stacks, HCP provides an integrated advanced platform for security analytics.
Please visit the Hortonworks Data Platform page for more information on Hortonworks technology. For more information on Hortonworks services, please visit either the Support or Training page. Feel free to Contact Us directly to discuss your specific needs.
Contents
List of Figures
- 1.1. Dashboard-Snort Panel
- 1.2. Events
- 1.3. Enrichment
- 1.4. YAF
- 1.5. Dashboard-Snort Panel
- 1.6. Dashboard-Bro Panel
- 1.7. Dashboard-DNS Panel
- 2.1. Ambari Task List
- 2.2. Configure an Index Pattern
- 2.3. Discover Tab with Squid Elements
- 2.4. Time Filter
- 2.5. Query Search Text Entry Box