SoylentNews is people

posted by n1 on Tuesday April 25 2017, @02:29AM
from the all-your-data dept.

The Apache Software Foundation (ASF) has announced Metron, a cybersecurity applications framework for centralised monitoring and analysis of network traffic, as its newest top-level project.

Metron was born out of Cisco's OpenSOC project in 2014. OpenSOC aimed to provide a scalable security analytics tool based on the Hadoop framework. But where OpenSOC would have consumed and monitored network traffic and machine exhaust data out of data centers, Metron is a framework which can handle any kind of telemetry data.

The project was submitted to the Apache Incubator in December 2015, and its first release, Apache Metron v0.1, debuted in April 2016. As a top-level project its foundations remain in the Hadoop ecosystem, and it is built atop fellow Apache projects Storm, HBase and Kafka to handle streaming data in a real-time fashion.

Metron ingests, transforms, and normalises telemetry, including full network packet capture, and the data it takes in can be enriched with additional elements such as geographic location or asset identifiers as it streams by.


This discussion has been archived. No new comments can be posted.
  • (Score: 1, Insightful) by Anonymous Coward on Tuesday April 25 2017, @02:39AM (#499130)

    See subject.

    • (Score: 1, Funny) by Anonymous Coward on Tuesday April 25 2017, @03:21AM (#499137)

      I thought SourceForge was the homeless shelter for abandoned software? I guess SourceForge is more like a graveyard for dead projects.

  • (Score: 3, Insightful) by coolgopher (1157) on Tuesday April 25 2017, @02:47AM (#499133)

    Heavens, not more stuff on top of that HBase monstrosity!

    Out of all the newfandangled map/reduce and nosql stuff, HBase and Hadoop are the ones I really can't stand to work on/with. "Just" spin up at least three VMs, further bog it down by running within a JVM, and then watch silent data corruption and, especially, truncation.

    The Oracle RDBMS was a behemoth and P.I.T.A., but at least the bloody thing *worked*.

    Here endeth lawn-rant.

  • (Score: 0) by Anonymous Coward on Tuesday April 25 2017, @03:50AM (#499142)

    Finally, a fully functional FOSS replacement for Windows!

  • (Score: 2) by kaszz (4211) on Tuesday April 25 2017, @04:56AM (#499146)

    Cisco is a corporation that has let the alphabet soup backdoor their products. So if this source code shall be used it better be scrutinized deeply.

  • (Score: 0) by Anonymous Coward on Tuesday April 25 2017, @06:29PM (#499471)

    With several technologies that run arbitrary code, strapped to a file system that's slow and also runs arbitrary code, and is incredibly complex to secure.