QSight IT (QSight) is a Dutch IT company with absolute focus on networking, security, storage and cloud. Organizations from financial services, government and utilities sectors, healthcare, retail, business services and other industries are part of QSight’s clientele. Its teams of security and network professionals use techniques such as Big Data, Machine Learning and Artificial Intelligence to detect early cyber threats, neutralize the threat and manage IT-efficiently.
As a security supplier with a data centric perspective, data is mission critical to QSight. With its previous solutions, the company could identify possible threats, but had no effective way of determining the potential impact of security related events.
With the growth and diversity of data, the speed with which data needs to be processed is also a huge challenge. Decentral data storage makes it difficult to create new insights. The previous solution was not integrated, which led to increased maintenance and insufficient flexibility and scalability. It was an ineffective way of getting results.
QSight relies heavily on its data to determine the impact, context, and risk level for its customers. The more information that is available, the more refined the risk assessment can be.
It was clear that QSight needed to be able to leverage data to get a clearer view on determining the size and impact of security threats. Rather than taking the whole data set and determining there was a security risk within it, QSight needed the ability to mitigate risks and monitor them at a more granular level.
The company implemented Hortonworks Data Platform (HDP®) as its Big Data solution. Through HDP, there were no limitations on the insights QSight could gain for its customers because there were no longer technical limitations.
QSight also implemented Apache Metron for its Big Data security. This provides all the advantages of HDF and HDP along with an additional layer of cybersecurity. This has offered QSight the ability to scale, keep costs low, and provide security based information. With this setup, it can reap the benefits of security two different ways. The company can leverage its previous methods, along with the added layer of security that Metron provides.
QSight has been able to process 800,000 to 1 million customer events per day with the use of HDP and Hortonworks DataFlow (HDF ™), which was nowhere near possible with traditional technologies. By implementing HDP, the company gains a complete picture of potential security threats. This information is used, comparisons drawn from it, and definitive answers gleaned.
Now, the time to react is now much shorter, with better and faster insight provided for security threats. The new platform is completely data driven which means the company can connect a vast amount of log-sources, threat intel, and security feeds. QSight now offers risk based service, with follow up being based on business classification and priority (determined based on risk and compliance).
That’s how Hadoop came in to play for us. From a technology perspective, it’s well established and flexible enough to address our future challenges, even the ones we may not be aware of yet.
-Niels Steinissen, Manager Of Research & Development At QSight IT