Cloudera Cybersecurity Platform: Security Processing Platform

2020-09-16 10:51  宋海宾

https://docs.cloudera.com/ccp/2.0.1/architecture/topics/ccp-real-time_processing_security_engine.html

Real-Time Processing Security Engine

The core of the Cloudera Cybersecurity Platform (CCP) architecture is the Apache Metron real-time processing security engine.

The real-time processing security engine provides the ingest buffer to capture raw events, and, in real time, parses the raw events, enriches the events with relevant contextual information, enriches the events with threat intelligence, and applies available models (such as triaging threats by using the Stellar language). The engine then writes the events to a searchable index, as well as to HDFS, for analytics.
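
The Python sketch below is an added example, not code from Cloudera, Apache Metron, or the original post. It models the stages described above (parse, enrich, threat intelligence, triage, write to two sinks) on a constructed event; the field names, sample data, rule scores, MAX aggregation, and the use of Python predicates in place of Stellar expressions are all assumptions made for illustration.

```python
import re

# Constructed sample data (not from the page): one raw firewall-style event,
# an asset inventory used for enrichment, and a threat-intel indicator set.
RAW_EVENT = "2020-09-16T10:51:00Z src=10.0.0.5 dst=203.0.113.7 dport=443 action=allow"
ASSETS = {"10.0.0.5": {"owner": "finance", "criticality": "high"}}
THREAT_INTEL = {"203.0.113.7": "malicious_ip"}

# Triage rules as (name, predicate, score). The Python lambdas are stand-ins
# (an assumption of this example) for rules a deployment would write in Stellar.
TRIAGE_RULES = [
    ("threat-intel hit", lambda e: e.get("is_alert", False), 50),
    ("high-criticality asset", lambda e: e.get("enrichments.asset.criticality") == "high", 30),
    ("allowed by firewall", lambda e: e.get("action") == "allow", 10),
]

def parse(raw):
    """Parse stage: turn the raw line into a flat key/value event."""
    timestamp, _, rest = raw.partition(" ")
    event = dict(re.findall(r"(\w+)=(\S+)", rest))
    event.update(timestamp=timestamp, original_string=raw)
    return event

def enrich(event):
    """Enrichment stage: add context about the internal source host."""
    for key, value in ASSETS.get(event.get("src"), {}).items():
        event[f"enrichments.asset.{key}"] = value
    return event

def threat_intel(event):
    """Threat-intel stage: flag the event if an address is a known indicator."""
    for field in ("src", "dst"):
        kind = THREAT_INTEL.get(event.get(field))
        if kind:
            event[f"threatintel.{field}.{kind}"] = "alert"
            event["is_alert"] = True
    return event

def triage(event):
    """Triage stage: score alerts only, taking the MAX of all matching rules."""
    if event.get("is_alert"):
        scores = [score for _, rule, score in TRIAGE_RULES if rule(event)]
        event["threat.triage.score"] = max(scores, default=0)
    return event

def process(raw, index, archive):
    """Run every stage, then write to both sinks (search index and archive)."""
    event = triage(threat_intel(enrich(parse(raw))))
    index.append(event)    # stands in for the searchable index
    archive.append(event)  # stands in for HDFS
    return event
```

Calling `process(RAW_EVENT, [], [])` returns the fully enriched event; an event with no threat-intel match passes through without an `is_alert` flag or a triage score, which is how analysts' queues stay limited to scored alerts in this model.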