Big Data Platform Update will Enable Faster Identification of Cyber Threats

Cyber operators and analysts with a need to run custom analytics on specific data sets will have access to increased ad-hoc query capabilities in August, when an upgrade to the Defense Information Systems Agency’s (DISA) Big Data Platform (BDP) is projected for release.

The planned update was announced by Dave Mihelcic, DISA chief technology officer, at the Armed Forces Communications and Electronics Association’s D.C. Chapter Breakfast June 15 in Washington.

BDP is a DISA-developed distributed computing environment that supports the ingest, correlation, and visualization of multiple petabytes of data from DOD Information Network (DODIN) sources.

BDP is the underlying architecture supporting the Cyber Situational Awareness Analytic Capabilities (CSAAC) - a set of widgets, analytics, ingest code, and data structures that provide a broader and more comprehensive view of DODIN activity than the department has ever had.

CSAAC enables informed decision making and enhances the overall security posture of DOD networks.

“We’re about to see quantum leaps in our ability to rapidly develop, deploy, and utilize analytics for [CSAAC],” said Mihelcic.

The BDP update will give operators the ability to carve out mission-focused data sets within the existing solution and run custom, mission-focused analytics against the specified data.

“The ability for operators to focus the queries against only the data supporting their mission will greatly decrease the time it takes to visualize the results as well as allow further drill down into each result set,” said Bob Landreth, the BDP program manager.

The major benefit, according to Mihelcic, is the ability to take commercially developed analytics, or those written on the fly by field operators, and run them against some or all of the data without having to interact with the purpose-built and certified core analytics.

“This addition to the BDP architecture will allow users to identify new cyber threats in a much timelier manner moving forward,” said Landreth.

Published June 17, 2016