You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spot.apache.org by ce...@apache.org on 2017/01/18 00:49:38 UTC
[8/8] incubator-spot git commit: Incorporating new HTML and picture
files to Spot website
Incorporating new HTML and picture files to Spot website
Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/67c0416b
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/67c0416b
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/67c0416b
Branch: refs/heads/asf-site
Commit: 67c0416b4b8b5d055e4f1c27db286cd916eddf98
Parents: 675520b
Author: Cesar <ce...@apache.org>
Authored: Tue Jan 17 18:49:17 2017 -0600
Committer: Cesar <ce...@apache.org>
Committed: Tue Jan 17 18:49:17 2017 -0600
----------------------------------------------------------------------
.DS_Store | Bin 0 -> 10244 bytes
2016/03/index.php | 60 +
2016/08/index.php | 88 ++
2016/09/index.php | 57 +
2016/10/index.php | 60 +
2016/index.php | 0
.../feed/index.html | 18 +
.../index.php | 94 ++
.../feed/index.html | 18 +
.../index.php | 98 ++
.../feed/index.html | 18 +
.../index.php | 80 +
blog/index.php | 153 ++
.../feed/index.html | 18 +
.../index.php | 128 ++
.../feed/index.html | 18 +
.../index.php | 69 +
category/cybersecurity/index.php | 59 +
category/data-science/index.php | 59 +
category/index.php | 0
category/ipython-notebooks/index.php | 56 +
category/security-analytics/index.php | 58 +
category/threat-analysis-tools/index.php | 58 +
category/uncategorized/index.php | 85 ++
contribute/index.php | 86 ++
doc/css/meanmenu.css | 170 +++
doc/css/style.css | 547 +++++++
doc/fonts/icomoon.eot | Bin 0 -> 1932 bytes
doc/fonts/icomoon.svg | 14 +
doc/fonts/icomoon.ttf | Bin 0 -> 1768 bytes
doc/fonts/icomoon.woff | Bin 0 -> 1844 bytes
doc/fonts/menu.eot | Bin 0 -> 1284 bytes
doc/fonts/menu.svg | 13 +
doc/fonts/menu.ttf | Bin 0 -> 1132 bytes
doc/fonts/menu.woff | Bin 0 -> 1208 bytes
doc/images/1.1_dns_sb01.jpg | Bin 0 -> 110277 bytes
doc/images/1.1_dns_sb02.jpg | Bin 0 -> 112282 bytes
doc/images/1.1_dns_sc01.jpg | Bin 0 -> 429125 bytes
doc/images/1.1_dns_ti01.jpg | Bin 0 -> 58380 bytes
doc/images/1.1_dns_ti02.png | Bin 0 -> 21081 bytes
doc/images/1.1_dns_ti03.jpg | Bin 0 -> 76401 bytes
doc/images/1.1_dns_ti04.jpg | Bin 0 -> 82380 bytes
doc/images/1.1_dns_ti05.jpg | Bin 0 -> 16338 bytes
doc/images/1.1_proxy_sb01.jpg | Bin 0 -> 69827 bytes
doc/images/1.1_proxy_sb02.jpg | Bin 0 -> 112775 bytes
doc/images/1.1_proxy_sb03.jpg | Bin 0 -> 49804 bytes
doc/images/1.1_proxy_sb04.jpg | Bin 0 -> 74732 bytes
doc/images/1.1_proxy_sb05.jpg | Bin 0 -> 36627 bytes
doc/images/1.1_proxy_sb06.jpg | Bin 0 -> 143049 bytes
doc/images/1.1_proxy_sc01.jpg | Bin 0 -> 295489 bytes
doc/images/1.1_proxy_sc02.jpg | Bin 0 -> 36772 bytes
doc/images/1.1_proxy_sc03.jpg | Bin 0 -> 40111 bytes
doc/images/1.1_proxy_sc04.jpg | Bin 0 -> 113443 bytes
doc/images/1.1_proxy_sc05.jpg | Bin 0 -> 50650 bytes
doc/images/1.1_proxy_sc06.jpg | Bin 0 -> 62302 bytes
doc/images/1.1_proxy_sc07.jpg | Bin 0 -> 41372 bytes
doc/images/1.1_proxy_sc08.jpg | Bin 0 -> 76114 bytes
doc/images/1.1_proxy_sc09.jpg | Bin 0 -> 65889 bytes
doc/images/1.1_proxy_sc10.jpg | Bin 0 -> 72009 bytes
doc/images/1.1_proxy_ti01.jpg | Bin 0 -> 57177 bytes
doc/images/1.1_proxy_ti02.jpg | Bin 0 -> 73257 bytes
doc/images/1.1_proxy_ti03.jpg | Bin 0 -> 159249 bytes
doc/images/1.1_proxy_ti04.jpg | Bin 0 -> 12598 bytes
doc/images/1.1_sc10.jpg | Bin 0 -> 100932 bytes
doc/images/1.1_sc2.jpg | Bin 0 -> 163175 bytes
doc/images/1.1_sc3.jpg | Bin 0 -> 413811 bytes
doc/images/1.1_sc4.jpg | Bin 0 -> 117613 bytes
doc/images/1.1_sc5.jpg | Bin 0 -> 117542 bytes
doc/images/1.1_sc6.jpg | Bin 0 -> 68949 bytes
doc/images/1.1_sc7.jpg | Bin 0 -> 72326 bytes
doc/images/1.1_sc8.jpg | Bin 0 -> 73367 bytes
doc/images/1.1_sc9.jpg | Bin 0 -> 171138 bytes
doc/images/1.1_technical_overviewv02.jpg | Bin 0 -> 114063 bytes
doc/images/1.1_ti01.jpg | Bin 0 -> 227065 bytes
doc/images/1.1_ti02.jpg | Bin 0 -> 79562 bytes
doc/images/1.1_ti03.jpg | Bin 0 -> 35558 bytes
doc/images/1.1sc1.jpg | Bin 0 -> 229276 bytes
doc/images/add-to-slack.png | Bin 0 -> 2506 bytes
doc/images/apache-incubator.png | Bin 0 -> 7213 bytes
doc/images/apple-touch-icon.png | Bin 0 -> 11173 bytes
doc/images/cd-top-arrow.svg | 7 +
doc/images/close.png | Bin 0 -> 1382 bytes
doc/images/dns_sb_tit1.JPG | Bin 0 -> 39484 bytes
doc/images/flow_sb_1.JPG | Bin 0 -> 106540 bytes
doc/images/flow_sb_2.JPG | Bin 0 -> 26249 bytes
doc/images/flow_sb_3.JPG | Bin 0 -> 32924 bytes
doc/images/flow_sb_4.JPG | Bin 0 -> 20536 bytes
doc/images/flow_sb_4b.JPG | Bin 0 -> 18885 bytes
doc/images/flow_sb_5.JPG | Bin 0 -> 28232 bytes
doc/images/flow_sb_6.JPG | Bin 0 -> 21984 bytes
doc/images/hybrid_hadoop.bmp | Bin 0 -> 2448462 bytes
doc/images/is1.png | Bin 0 -> 39172 bytes
doc/images/is2.png | Bin 0 -> 49574 bytes
doc/images/logo.png | Bin 0 -> 8007 bytes
doc/images/masthead-bg.jpg | Bin 0 -> 431055 bytes
doc/images/open.png | Bin 0 -> 1381 bytes
doc/images/pure_hadoop.bmp | Bin 0 -> 4963738 bytes
doc/images/sb_tit1.JPG | Bin 0 -> 58807 bytes
doc/images/win8-tile-icon.png | Bin 0 -> 14766 bytes
doc/index.html | 1444 ++++++++++++++++++
doc/js/classie.js | 70 +
doc/js/jquery-migrate.min.js | 2 +
doc/js/jquery.meanmenu.js | 285 ++++
doc/js/libs/modernizr.custom.min.js | 4 +
doc/js/scripts.js | 176 +++
doc/spot.css | 81 +
favicon.png | Bin 0 -> 2787 bytes
includes/config.php | 7 +
includes/download-sidebar.php | 14 +
includes/footer.php | 22 +
includes/header.php | 116 ++
includes/prefooter.php | 22 +
includes/sidebar.php | 41 +
index.php | 283 ++++
library/css/meanmenu.css | 170 +++
library/css/style.css | 1189 ++++++++++++++
library/fonts/icomoon.eot | Bin 0 -> 1932 bytes
library/fonts/icomoon.svg | 14 +
library/fonts/icomoon.ttf | Bin 0 -> 1768 bytes
library/fonts/icomoon.woff | Bin 0 -> 1844 bytes
library/images/FloCon2015.png | Bin 0 -> 43681 bytes
.../images/ONI_Architecture-Diagram_1300_v4.png | Bin 0 -> 449035 bytes
library/images/SPOT_Collabration-Icon_v2.png | Bin 0 -> 3852 bytes
library/images/SPOT_OpenDataModel-Icon_v1.png | Bin 0 -> 3906 bytes
library/images/add-to-slack.png | Bin 0 -> 2506 bytes
library/images/advantages-1.png | Bin 0 -> 37207 bytes
library/images/and.png | Bin 0 -> 1699 bytes
library/images/apache-incubator.png | Bin 0 -> 7213 bytes
library/images/apple-touch-icon.png | Bin 0 -> 11173 bytes
library/images/bullet.png | Bin 0 -> 974 bytes
library/images/cd-top-arrow.svg | 7 +
library/images/community/centrify.png | Bin 0 -> 8050 bytes
library/images/community/cloudera.png | Bin 0 -> 6093 bytes
library/images/community/cloudwick.png | Bin 0 -> 4173 bytes
library/images/community/cybraics.png | Bin 0 -> 5196 bytes
library/images/community/ebay.png | Bin 0 -> 6778 bytes
library/images/community/endgame.png | Bin 0 -> 8110 bytes
library/images/community/intel.png | Bin 0 -> 5938 bytes
library/images/community/jask.png | Bin 0 -> 3866 bytes
library/images/community/rich-it.png | Bin 0 -> 5510 bytes
library/images/community/semantix.png | Bin 0 -> 6987 bytes
library/images/community/webroot.png | Bin 0 -> 6305 bytes
library/images/connects.png | Bin 0 -> 3696 bytes
library/images/details.png | Bin 0 -> 92267 bytes
library/images/how-it-works.png | Bin 0 -> 45779 bytes
library/images/iPython-1.png | Bin 0 -> 12682 bytes
library/images/individual-push.png | Bin 0 -> 142301 bytes
library/images/ingest-summary.png | Bin 0 -> 56195 bytes
library/images/ingestion.png | Bin 0 -> 178178 bytes
library/images/key_features_bg.jpg | Bin 0 -> 23292 bytes
library/images/logo.png | Bin 0 -> 8007 bytes
library/images/machine-learning.png | Bin 0 -> 179821 bytes
library/images/magnify-icon.png | Bin 0 -> 3770 bytes
library/images/masthead-bg.jpg | Bin 0 -> 431055 bytes
library/images/masthead-bg.png | Bin 0 -> 70435 bytes
library/images/network.png | Bin 0 -> 62056 bytes
.../images/not needed/FloCon2015-300x225.png | Bin 0 -> 40316 bytes
.../images/not needed/FloCon2015-768x576.png | Bin 0 -> 111556 bytes
...NI_Architecture-Diagram_1300_v4-1024x532.png | Bin 0 -> 309743 bytes
...ONI_Architecture-Diagram_1300_v4-300x156.png | Bin 0 -> 36669 bytes
...ONI_Architecture-Diagram_1300_v4-768x399.png | Bin 0 -> 185948 bytes
.../ONI_Architecture-Diagram_1300_v4_old.png | Bin 0 -> 431626 bytes
.../images/not needed/advantages-1-300x136.png | Bin 0 -> 16738 bytes
.../images/not needed/advantages-1-768x347.png | Bin 0 -> 54522 bytes
library/images/not needed/iPython-1-300x89.png | Bin 0 -> 13403 bytes
library/images/notebook.png | Bin 0 -> 54507 bytes
library/images/odm.png | Bin 0 -> 36674 bytes
library/images/quote-person.png | Bin 0 -> 1881 bytes
library/images/quotes.png | Bin 0 -> 886 bytes
library/images/search.png | Bin 0 -> 391 bytes
library/images/spot470.png | Bin 0 -> 16211 bytes
library/images/storyboard-icon.png | Bin 0 -> 3317 bytes
library/images/suspicious.png | Bin 0 -> 80577 bytes
library/images/threat-icon.png | Bin 0 -> 3542 bytes
library/images/topic-branching.png | Bin 0 -> 132983 bytes
library/images/win8-tile-icon.png | Bin 0 -> 14766 bytes
library/js/jquery-migrate.min.js | 2 +
library/js/jquery.js | 6 +
library/js/jquery.meanmenu.js | 285 ++++
library/js/libs/modernizr.custom.min.js | 4 +
library/js/scripts.js | 141 ++
library/pdf/Proposed_Apache-Spot_workflow.pdf | Bin 0 -> 263628 bytes
project-components/index.php | 0
project-components/ingestion/index.php | 67 +
project-components/machine-learning/index.php | 47 +
project-components/open-data-models/index.php | 60 +
project-components/visualization/index.php | 79 +
tag/github/index.php | 57 +
tag/index.php | 0
tag/open-network-insight/index.php | 59 +
tag/open-source/index.php | 59 +
191 files changed, 7002 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/.DS_Store
----------------------------------------------------------------------
diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000..e14de31
Binary files /dev/null and b/.DS_Store differ
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/2016/03/index.php
----------------------------------------------------------------------
diff --git a/2016/03/index.php b/2016/03/index.php
new file mode 100755
index 0000000..943d6c9
--- /dev/null
+++ b/2016/03/index.php
@@ -0,0 +1,60 @@
+<?php include '../../includes/config.php'; ?>
+
+<?php
+$bodyclass = "archive date";
+$pageTitle = "March 2016 - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <h1 class="page-title">Month: March 2016</h1>
+
+ <article id="post-62" class="cf post-62 post type-post status-publish format-standard hentry category-security-analytics tag-github tag-open-network-insight tag-open-source" role="article">
+
+ <header class="entry-header article-header">
+
+ <h3 class="h2 entry-title"><a href="../../blog/apache-spot-3-most-asked-questions/" rel="bookmark" title="Apache Spot: Three Most-Asked Questions">Apache Spot (Incubating): Three Most-Asked Questions</a></h3>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-03-29" itemprop="datePublished">
+ March 29, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+
+ <p>
+ While this is not the first blog post about Apache Spot, it is the first one by a creator of the solution. As a security data scientist in Intel’s Data Center Group, I joined a small team to start thinking about solving really hard problems in cloud analytics. The team grew, and out of that… <a class="excerpt-read-more" href="../../blog/apache-spot-3-most-asked-questions/" title="Read Apache Spot: Three Most-Asked Questions">Read more »</a>
+ </p>
+
+ </section>
+
+ <footer class="article-footer">
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+
+ </body>
+
+</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/2016/08/index.php
----------------------------------------------------------------------
diff --git a/2016/08/index.php b/2016/08/index.php
new file mode 100755
index 0000000..f3fd605
--- /dev/null
+++ b/2016/08/index.php
@@ -0,0 +1,88 @@
+<?php include '../../includes/config.php'; ?>
+
+<?php
+$bodyclass = "archive date";
+$pageTitle = "August 2016 - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <h1 class="page-title">Month: August 2016</h1>
+
+ <article id="post-117" class="cf post-117 post type-post status-publish format-standard hentry category-cybersecurity" role="article">
+
+ <header class="entry-header article-header">
+
+ <h3 class="h2 entry-title"><a href="../../blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/" rel="bookmark" title="Apache Spot and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure">Apache Spot (Incubating) and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure</a></h3>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+
+ <p>
+ The \u201cfirst\u201d documented cybersecurity case was the worm replication, which was initiated by Robert T. Morris on November 2, 1988. Wow! Here we are in 2016, 28 years later, with viruses and worms giving way to Trojan horses and polymorphic code. Nowadays, we are also fighting against DDoS, phishing, spear phishing attacks, command and controls… <a class="excerpt-read-more" href="../../blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/" title="Read Apache Spot and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure">Read more »</a>
+ </p>
+
+ </section>
+
+ <footer class="article-footer">
+
+ </footer>
+
+ </article>
+
+ <article id="post-113" class="cf post-113 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="entry-header article-header">
+
+ <h3 class="h2 entry-title"><a href="../../blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/" rel="bookmark" title="How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights">How Apache Spot (Incubating) Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</a></h3>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+
+ <p>
+ About four years ago, the era of the Big Data analytics began. Paired with advanced analytics, massive volumes of data can be culled to not only inform critical decisions, but also to simulate sophisticated \u201cwhat if\u201d scenarios that allow companies to gain competitive advantages by generating and predicting different scenarios. For example, a financial services… <a class="excerpt-read-more" href="../../blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/" title="Read How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights">Read more »</a>
+ </p>
+
+ </section>
+
+ <footer class="article-footer">
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/2016/09/index.php
----------------------------------------------------------------------
diff --git a/2016/09/index.php b/2016/09/index.php
new file mode 100755
index 0000000..5ec7cb5
--- /dev/null
+++ b/2016/09/index.php
@@ -0,0 +1,57 @@
+<?php include '../../includes/config.php'; ?>
+
+<?php
+$bodyclass = "archive date";
+$pageTitle = "September 2016 - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <h1 class="page-title">Month: September 2016</h1>
+
+ <article id="post-136" class="cf post-136 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="entry-header article-header">
+
+ <h3 class="h2 entry-title"><a href="../../blog/jupyter-notebooks-for-data-analysis/" rel="bookmark" title="Jupyter Notebooks for Data Analysis">Jupyter Notebooks for Data Analysis</a></h3>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-09-22" itemprop="datePublished">
+ September 22, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+
+ <p>
+ Why Does Apache Spot Include iPython notebooks? The project team wants Apache Spot needs to be a versatile tool that can be used by anyone. This means that data scientists and developers need to be able to query and handle the source data to find all the information they need for their decision making. The… <a class="excerpt-read-more" href="../../blog/jupyter-notebooks-for-data-analysis/" title="Read Jupyter Notebooks for Data Analysis">Read more »</a>
+ </p>
+
+ </section>
+
+ <footer class="article-footer">
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/2016/10/index.php
----------------------------------------------------------------------
diff --git a/2016/10/index.php b/2016/10/index.php
new file mode 100755
index 0000000..27ce039
--- /dev/null
+++ b/2016/10/index.php
@@ -0,0 +1,60 @@
+<?php include '../../includes/config.php'; ?>
+
+<?php
+$bodyclass = "archive date";
+$pageTitle = "October 2016 - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <h1 class="page-title">Month: October 2016</h1>
+
+ <article id="post-149" class="cf post-149 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="entry-header article-header">
+
+ <h3 class="h2 entry-title"><a href="../../blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/" rel="bookmark" title="Strength in Numbers: Why Consider Open Source Cybersecurity Analytics">Strength in Numbers: Why Consider Open Source Cybersecurity Analytics</a></h3>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-10-21" itemprop="datePublished">
+ October 21, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+
+ <p>
+ By Rob Kent, Vice President of Marketing at Cybraics Competition is widely considered to be a healthy and positive thing, traditionally viewed as providing options for customers and fueling innovation. In the world of cybersecurity there is no shortage of competition, in fact cybersecurity is one of the most crowded and fast-growing areas of technology…. <a class="excerpt-read-more" href="../../blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/" title="Read Strength in Numbers: Why Consider Open Source Cybersecurity Analytics">Read more »</a>
+ </p>
+
+ </section>
+
+ <footer class="article-footer">
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/2016/index.php
----------------------------------------------------------------------
diff --git a/2016/index.php b/2016/index.php
new file mode 100755
index 0000000..e69de29
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/apache-spot-3-most-asked-questions/feed/index.html
----------------------------------------------------------------------
diff --git a/blog/apache-spot-3-most-asked-questions/feed/index.html b/blog/apache-spot-3-most-asked-questions/feed/index.html
new file mode 100755
index 0000000..7baf2ec
--- /dev/null
+++ b/blog/apache-spot-3-most-asked-questions/feed/index.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
+ xmlns:content="http://purl.org/rss/1.0/modules/content/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:atom="http://www.w3.org/2005/Atom"
+ xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
+
+ >
+<channel>
+ <title>Comments on: Apache Spot (Incubating): Three Most-Asked Questions</title>
+ <atom:link href="http://spot.incubator.apache.org/blog/apache-spot-3-most-asked-questions/feed/" rel="self" type="application/rss+xml" />
+ <link>http://spot.incubator.apache.org/blog/apache-spot-3-most-asked-questions/</link>
+ <description></description>
+ <lastBuildDate></lastBuildDate>
+ <sy:updatePeriod>hourly</sy:updatePeriod>
+ <sy:updateFrequency>1</sy:updateFrequency>
+
+</channel>
+</rss>
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/apache-spot-3-most-asked-questions/index.php
----------------------------------------------------------------------
diff --git a/blog/apache-spot-3-most-asked-questions/index.php b/blog/apache-spot-3-most-asked-questions/index.php
new file mode 100755
index 0000000..f09a92e
--- /dev/null
+++ b/blog/apache-spot-3-most-asked-questions/index.php
@@ -0,0 +1,94 @@
+<?php include '../../includes/config.php'; ?>
+<?php
+$bodyclass = "single single-post";
+$pageTitle = "Apache Spot (Incubating): Three Most-Asked Questions - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-62" class="cf post-62 post type-post status-publish format-standard hentry category-security-analytics tag-github tag-open-network-insight tag-open-source" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
+
+ <header class="article-header entry-header">
+
+ <h1 class="entry-title single-title" itemprop="headline" rel="bookmark">Apache Spot (Incubating): Three Most-Asked Questions</h1>
+
+ <p class="byline entry-meta vcard">
+
+ <time class="updated entry-time" datetime="2016-03-29" itemprop="datePublished">
+ March 29, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+ <section class="entry-content cf" itemprop="articleBody">
+ <p>
+ While this is not the first blog post about Apache Spot, it is the first one by a creator of the solution. As a security data scientist in Intel’s Data Center Group, I joined a small team to start thinking about solving really hard problems in cloud analytics. The team grew, and out of that effort, came Apache Spot. Since we started talking about the project, these are the three questions I am asked the most.
+ </p>
+ <p>
+ <strong>What Is Apache Spot?</strong>
+ <br />
+ Apache Spot is an open source, flow and packet analytics solution built on Hadoop. It combines big data processing, at-scale machine learning, and unique security analytics to put potential threats in front of defenders. While I am a data scientist today, I was a security investigator just a few years ago. I wanted to develop a solution that would put new tools and technology in play for defenders, but without requiring them to walk away from security and get a math degree.
+ </p>
+ <p>
+ We wanted to start with the hard problems, so we looked at the emerging need to analyze data that was produced at a scale outside what a lot of security solutions could handle. The data is being created today, and lack of visibility into that data gives attackers a profound advantage. Also, in this new era of security, many defenders (public and private sector) have to answer to their citizens and customers when these threats occur. In other words, an event that says “this attack was blocked” is insufficient; an organization needs to see what happened before, during, and after a particular machine was attacked at a particular time. The problem is summarized in a slide from a <a href="http://www.youtube.com/watch?v=mOZjMuBLYyM" target="_blank">FloCon talk</a>
+ <br />
+ <a href="<?php echo BASE_URL; ?>/library/images/FloCon2015.png" rel="attachment wp-att-66"><img class="aligncenter size-full wp-image-66" src="<?php echo BASE_URL; ?>/library/images/FloCon2015.png" alt="open source packet and flow analytics" /></a>
+ </p>
+ <p>
+ The gist is that while processing is a challenge at higher scales, the amount of insight gained is higher when analyzing flows and packets from key protocols (like DNS). And that’s how we got here.
+ </p>
+ <p>
+ <strong>Why Intel?</strong>
+ </p>
+ <p>
+ At Intel, I have worked in IT, for a security product company (McAfee), and in the Data Center Group. Intel IT was an early pioneer of the concept of proactive investigations to protect intellectual property. McAfee (now Intel Security Group) has a broad customer base in the realms of network, endpoint, and content security, to name only a few. And the Intel Data Center group has strategic partnerships with Cloudera and Accenture, as well as some pretty cool analytics efforts of their own. Add the performance benefits we achieve with Intel Architecture, especially the Intel MPI Library and Intel Math Kernel Library, and it certainly makes sense to me.
+ </p>
+ <p>
+ <strong>Why Open Source?</strong>
+ </p>
+ <p>
+ I learned from my earlier efforts in security analytics, that to invite collaboration from academia, the public sector, and the private sector, open source software is an excellent choice. We are now seeking to build a community of developers, data scientists, and security enthusiasts to grow Apache Spot into something we can all be proud of. We have also chosen an Apache software license, so that it can enrich commercial software offerings as well.
+ </p>
+ <p>
+ The greatest thing for me since we announced at RSA is to hear OTHER people talk about Apache Spot (formerly Open Network Insight or ONI), here are some of my favorites, from <a href="http://vision.cloudera.com/open-network-insight-changing-infosec-data-science-forever/" target="_blank">a Data Scientist @ eBay </a>, <a href="https://newsroom.accenture.com/news/accenture-introduces-the-accenture-cyber-intelligence-platform-to-help-organizations-continuously-predict-detect-and-combat-cyber-attacks.htm" target="_blank">a Security Provider</a>, and <a href="http://vision.cloudera.com/adaptive-security-at-big-data-scale-for-next-generation-digital-security/" target="_blank">a Big Data company</a>.
+ </p>
+ <p>
+ Fork us on Github!
+ </p>
+ <p>
+ Grant Babb
+ </p>
+ </section>
+ <footer class="article-footer">
+
+ filed under: <a href="../../category/security-analytics/" rel="category tag">Security Analytics</a>
+ <p class="tags">
+ <span class="tags-title">Tags:</span><a href="../../tag/github/" rel="tag">github</a>, <a href="../../tag/open-network-insight/" rel="tag">open network insight</a>, <a href="../../tag/open-source/" rel="tag">open source</a>
+ </p>
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/feed/index.html
----------------------------------------------------------------------
diff --git a/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/feed/index.html b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/feed/index.html
new file mode 100755
index 0000000..3999b6d
--- /dev/null
+++ b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/feed/index.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
+ xmlns:content="http://purl.org/rss/1.0/modules/content/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:atom="http://www.w3.org/2005/Atom"
+ xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
+
+ >
+<channel>
+ <title>Comments on: Apache Spot (Incubating) and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure</title>
+ <atom:link href="http://spot.incubator.apache.org/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/feed/" rel="self" type="application/rss+xml" />
+ <link>http://spot.incubator.apache.org/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/</link>
+ <description></description>
+ <lastBuildDate></lastBuildDate>
+ <sy:updatePeriod>hourly</sy:updatePeriod>
+ <sy:updateFrequency>1</sy:updateFrequency>
+
+</channel>
+</rss>
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/index.php
----------------------------------------------------------------------
diff --git a/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/index.php b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/index.php
new file mode 100755
index 0000000..d32442d
--- /dev/null
+++ b/blog/apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/index.php
@@ -0,0 +1,98 @@
+<?php include '../../includes/config.php'; ?>
+<?php
+$bodyclass = "single single-post";
+$pageTitle = "Apache Spot (Incubating) and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-117" class="cf post-117 post type-post status-publish format-standard hentry category-cybersecurity" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
+
+ <header class="article-header entry-header">
+
+ <h1 class="entry-title single-title" itemprop="headline" rel="bookmark">Apache Spot (Incubating) and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure</h1>
+
+ <p class="byline entry-meta vcard">
+
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+ <section class="entry-content cf" itemprop="articleBody">
+ <p>
+ The \u201cfirst\u201d documented cybersecurity case was the worm replication, which was initiated by Robert T. Morris on November 2, 1988. Wow! Here we are in 2016, 28 years later, with viruses and worms giving way to Trojan horses and polymorphic code. Nowadays, we are also fighting against DDoS, phishing, spear phishing attacks, command and controls along with APTs such as Aurora, Zeus, Red October and Stuxnet. What happened with our security controls on each attack?
+ </p>
+ <p>
+ Despite heroic efforts, internal and external security controls, no matter if they are preventive, detective or corrective, can be bypassed by different situations or misconfigurations. Capabilities to detect bugs or vulnerabilities in code, protocol, etc. are still limited. When we consider how to close these gaps, we have two options:
+ </p>
+ <ol>
+ <li>
+ Collect information from each device that is part of the environment.
+ </li>
+ <li>
+ Collect information from the critical infrastructure that is used for most, if not all, of the systems.
+ </li>
+ </ol>
+ <p>
+ This blog will describe the second approach.
+ </p>
+ <p>
+ Critical infrastructure, including nationally significant infrastructure, can be broadly defined as the systems, assets, facilities and networks that provide essential services. For nations, this means protecting the national security, economic security and prosperity as well as the health and safety of their citizenry. If we extrapolate this definition on the IT enterprise environments, we can define the critical infrastructure as the service, or services, that need to be up and running properly 99.99999% of the time, most of the time to support other critical infrastructure, such as databases, HR systems, manufacturing systems, etc.
+ </p>
+ <p>
+ Effectively protecting critical infrastructure means that millions, if not billions, of different scenarios must be identified and monitored. To do this, the cybersecurity problem must be broken into small pieces.
+ </p>
+ <p>
+ Let\u2019s consider DNS \u2014 your communications to the Web. How can you know which communications are being established by your critical servers? And, what if you want to do it for most of your infrastructure?
+ </p>
+ <p>
+ First idea: Use NetFlow, which is a network protocol that helps us collect IP traffic information and monitor network traffic. NetFlow has the details on the communications of all of your network traffic. However, the normal data on an enterprise environment includes billions of NetFlow events per day. To use this data to identify issues, it must be stored and analyzed. Storage alone is costly. Analyzing what amount Big Data stores is an entire other challenge.
+ </p>
+ <p>
+ Apache Spot offers a solution. It was designed to gather, store and analyze Big Data. In fact, Apache Spot is an ideal solution for this cybersecurity challenge. Apache Spot can integrate many different data sources in a data lake then add operational context to the data by linking configuration, inventory, service databases and other data stores. This helps you to prioritize the actions to take under different attack, malware, APT and hacking scenarios. With Apache Spot, attacks that bypass our external or internal security controls can be identified. By delivering risk-prioritized, actionable insights, Apache Spot can support the growing need for security analytics.
+ </p>
+ <p>
+ Not only can Apache Spot collect, store and analyze billions of NetFlow packets, but it can also be adapted to meet the unique requirements of your organization. How? Apache Spot is an open-source project.
+ </p>
+ <p>
+ <strong>But Wait, There\u2019s More</strong>
+ </p>
+ <p>
+ Check out \u201c<a href="../how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/"><u>How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</u></a>\u201d to learn more about the underlying Apache Spot architecture.
+ </p>
+ <p>
+ This is the first of a series of blogs that we will be writing about cybersecurity, so check back to read more.
+ </p>
+ </section>
+ <footer class="article-footer">
+
+ filed under: <a href="../../category/cybersecurity/" rel="category tag">Cybersecurity</a>
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/feed/index.html
----------------------------------------------------------------------
diff --git a/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/feed/index.html b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/feed/index.html
new file mode 100755
index 0000000..04fbe33
--- /dev/null
+++ b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/feed/index.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
+ xmlns:content="http://purl.org/rss/1.0/modules/content/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:atom="http://www.w3.org/2005/Atom"
+ xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
+
+ >
+<channel>
+ <title>Comments on: How Apache Spot (Incubating) Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</title>
+ <atom:link href="http://spot.incubator.apache.org/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/feed/" rel="self" type="application/rss+xml" />
+ <link>http://spot.incubator.apache.org/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/</link>
+ <description></description>
+ <lastBuildDate></lastBuildDate>
+ <sy:updatePeriod>hourly</sy:updatePeriod>
+ <sy:updateFrequency>1</sy:updateFrequency>
+
+</channel>
+</rss>
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/index.php
----------------------------------------------------------------------
diff --git a/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/index.php b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/index.php
new file mode 100755
index 0000000..571915c
--- /dev/null
+++ b/blog/how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/index.php
@@ -0,0 +1,80 @@
+<?php include '../../includes/config.php'; ?>
+<?php
+$bodyclass = "single single-post";
+$pageTitle = "How Apache Spot (Incubating) Helps Create Well-Stocked Data Lakes and Catch Powerful Insights - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-113" class="cf post-113 post type-post status-publish format-standard hentry category-uncategorized" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
+
+ <header class="article-header entry-header">
+
+ <h1 class="entry-title single-title" itemprop="headline" rel="bookmark">How Apache Spot (Incubating) Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</h1>
+
+ <p class="byline entry-meta vcard">
+
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+ <section class="entry-content cf" itemprop="articleBody">
+ <p>
+ About four years ago, the era of the Big Data analytics began. Paired with advanced analytics, massive volumes of data can be culled to not only inform critical decisions, but also to simulate sophisticated \u201cwhat if\u201d scenarios that allow companies to gain competitive advantages by generating and predicting different scenarios. For example, a financial services company can more accurately determine what other products to offer a customer, and in what order, based on a wide variety of data, then use advanced analytics to gather insights. Creating a data lake that can be effectively used for predictive analytics raises tough questions \u2014 what data sources should we use? How should this data be collected and ingested? What are the best algorithms to analyze the data, and how should we present these results to our decision maker?
+ </p>
+ <p>
+ Apache Spot can help to solve most of these issues. Following is a description of the Apache Spot, which is designed to facilitate Big Data analytics scenarios like the financial services company\u2019s question about the right product to offer customers.
+ </p>
+ <a href="<?php echo BASE_URL; ?>/library/images/ONI_Architecture-Diagram_1300_v4.png"><img src="<?php echo BASE_URL; ?>/library/images/ONI_Architecture-Diagram_1300_v4.png" alt="oni_architecture-diagram_1300_v4" /></a>
+ <h3><strong>Apache Spot Core Components</strong></h3>
+ <p>
+ The Apache Spot Core is composed of three main components \u2014 data integration (collectors), data store (HDFS here, but can also be a non-SQL database) and machine learning.
+ </p>
+ <p>
+ In this diagram, the top left shows Apache Spot Data Sources, which include the collection of the information that will be used to create a data lake. The process is simple. Define a pull or push from the source of information then capture this information on Apache Spot\u2019s \u201ccollectors.\u201d The collectors are processes that interpret the information that is sent, then write it to the HDFS system in the Apache Spot cluster. The HDFS stores the data lake and ensures that resources can grow while remaining economical at every size. The Apache Spot algorithms are part of machine learning and are used to detect the uncommon information in the data lake.
+ </p>
+ <h3><strong>Operational Analytics</strong></h3>
+ <p>
+ As part of operational analytics, Apache Spot executes different batch processes that add information to machine learning results to provide meaning and context. Using the financial services product example, basic customer data could be augmented with information about other customers in the same region along with information about which products those customers recommended or complained about. Basically, the data scientists can \u201cplay\u201d with the data using different algorithms to identify insights.
+ </p>
+ <h3><strong>Visualizing Results</strong></h3>
+ <p>
+ The Apache Spot GUI displays the results that the machine learning algorithms generate. Results are represented such that it is easy to identify both the most common things as well as find the most suspicious or uncommon information that is part of the data lake.
+ </p>
+ <h3><strong>Customizable Open Source</strong></h3>
+ <p>
+ Because Apache Spot is an open-source project, most of the components depicted here can be modified by the end user.
+ </p>
+ </section>
+ <footer class="article-footer">
+
+ filed under: <a href="../../category/uncategorized/" rel="category tag">Uncategorized</a>
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/index.php
----------------------------------------------------------------------
diff --git a/blog/index.php b/blog/index.php
new file mode 100755
index 0000000..4537ac3
--- /dev/null
+++ b/blog/index.php
@@ -0,0 +1,153 @@
+<?php include '../includes/config.php'; ?>
+<?php
+$bodyclass = "blog";
+$pageTitle = "Apache Spot Blog";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-149" class="cf post-149 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="article-header">
+
+ <h1 class="h2 entry-title"><a href="strength-in-numbers-why-consider-open-source-cybersecurity-analytics/" rel="bookmark" title="Strength in Numbers: Why Consider Open Source Cybersecurity Analytics">Strength in Numbers: Why Consider Open Source Cybersecurity Analytics</a></h1>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-10-21" itemprop="datePublished">
+ October 21, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+ <div class="m-all t-1of4 d-2of7"></div>
+ <div class="m-all t-3of4 d-5of7">
+ <p>
+ By Rob Kent, Vice President of Marketing at Cybraics Competition is widely considered to be a healthy and positive thing, traditionally viewed as providing options for customers and fueling innovation. In the world of cybersecurity there is no shortage of competition, in fact cybersecurity is one of the most crowded and fast-growing areas of technology…. <a class="excerpt-read-more" href="strength-in-numbers-why-consider-open-source-cybersecurity-analytics/" title="Read Strength in Numbers: Why Consider Open Source Cybersecurity Analytics">Read more »</a>
+ </p>
+ </div>
+ </section>
+
+ </article>
+
+ <article id="post-136" class="cf post-136 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="article-header">
+
+ <h1 class="h2 entry-title"><a href="jupyter-notebooks-for-data-analysis" rel="bookmark" title="Jupyter Notebooks for Data Analysis">Jupyter Notebooks for Data Analysis</a></h1>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-09-22" itemprop="datePublished">
+ September 22, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+ <div class="m-all t-1of4 d-2of7"></div>
+ <div class="m-all t-3of4 d-5of7">
+ <p>
+ Why Does Apache Spot Include iPython notebooks? The project team wants Apache Spot to be a versatile tool that can be used by anyone. This means that data scientists and developers need to be able to query and handle the source data to find all the information they need for their decision making. The… <a class="excerpt-read-more" href="jupyter-notebooks-for-data-analysis/" title="Read Jupyter Notebooks for Data Analysis">Read more »</a>
+ </p>
+ </div>
+ </section>
+
+ </article>
+
+ <article id="post-117" class="cf post-117 post type-post status-publish format-standard hentry category-cybersecurity" role="article">
+
+ <header class="article-header">
+
+ <h1 class="h2 entry-title"><a href="apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/" rel="bookmark" title="Apache Spot and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure">Apache Spot (Incubating) and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure</a></h1>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+ <div class="m-all t-1of4 d-2of7"></div>
+ <div class="m-all t-3of4 d-5of7">
+ <p>
+ The \u201cfirst\u201d documented cybersecurity case was the worm replication, which was initiated by Robert T. Morris on November 2, 1988. Wow! Here we are in 2016, 28 years later, with viruses and worms giving way to Trojan horses and polymorphic code. Nowadays, we are also fighting against DDoS, phishing, spear phishing attacks, command and controls… <a class="excerpt-read-more" href="apache-spot-and-cybersecurity-using-netflows-to-detect-threats-to-critical-infrastructure/" title="Read Apache Spot and Cybersecurity \u2014 Using NetFlows to Detect Threats to Critical Infrastructure">Read more »</a>
+ </p>
+ </div>
+ </section>
+
+ </article>
+
+ <article id="post-113" class="cf post-113 post type-post status-publish format-standard hentry category-uncategorized" role="article">
+
+ <header class="article-header">
+
+ <h1 class="h2 entry-title"><a href="how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/" rel="bookmark" title="How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights">How Apache Spot (Incubating) Helps Create Well-Stocked Data Lakes and Catch Powerful Insights</a></h1>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-08-08" itemprop="datePublished">
+ August 8, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+ <div class="m-all t-1of4 d-2of7"></div>
+ <div class="m-all t-3of4 d-5of7">
+ <p>
+ About four years ago, the era of the Big Data analytics began. Paired with advanced analytics, massive volumes of data can be culled to not only inform critical decisions, but also to simulate sophisticated \u201cwhat if\u201d scenarios that allow companies to gain competitive advantages by generating and predicting different scenarios. For example, a financial services… <a class="excerpt-read-more" href="how-apache-spot-helps-create-well-stocked-data-lakes-and-catch-powerful-insights/" title="Read How Apache Spot Helps Create Well-Stocked Data Lakes and Catch Powerful Insights">Read more »</a>
+ </p>
+ </div>
+ </section>
+
+ </article>
+
+ <article id="post-62" class="cf post-62 post type-post status-publish format-standard hentry category-security-analytics tag-github tag-apache-spot tag-open-source" role="article">
+
+ <header class="article-header">
+
+ <h1 class="h2 entry-title"><a href="apache-spot-3-most-asked-questions/" rel="bookmark" title="Apache Spot: Three Most-Asked Questions">Apache Spot (Incubating): Three Most-Asked Questions</a></h1>
+ <p class="byline entry-meta vcard">
+ <time class="updated entry-time" datetime="2016-03-29" itemprop="datePublished">
+ March 29, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+
+ <section class="entry-content cf">
+ <div class="m-all t-1of4 d-2of7"></div>
+ <div class="m-all t-3of4 d-5of7">
+ <p>
+ While this is not the first blog post about Apache Spot, it is the first one by a creator of the solution. As a security data scientist in Intel’s Data Center Group, I joined a small team to start thinking about solving really hard problems in cloud analytics. The team grew, and out of that… <a class="excerpt-read-more" href="apache-spot-3-most-asked-questions/" title="Read Apache Spot: Three Most-Asked Questions">Read more »</a>
+ </p>
+ </div>
+ </section>
+
+ </article>
+
+ </main>
+
+ <?php include '../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/jupyter-notebooks-for-data-analysis/feed/index.html
----------------------------------------------------------------------
diff --git a/blog/jupyter-notebooks-for-data-analysis/feed/index.html b/blog/jupyter-notebooks-for-data-analysis/feed/index.html
new file mode 100755
index 0000000..5022015
--- /dev/null
+++ b/blog/jupyter-notebooks-for-data-analysis/feed/index.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
+ xmlns:content="http://purl.org/rss/1.0/modules/content/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:atom="http://www.w3.org/2005/Atom"
+ xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
+
+ >
+<channel>
+ <title>Comments on: Jupyter Notebooks for Data Analysis</title>
+ <atom:link href="http://spot.incubator.apache.org/blog/jupyter-notebooks-for-data-analysis/feed/" rel="self" type="application/rss+xml" />
+ <link>http://spot.incubator.apache.org/blog/jupyter-notebooks-for-data-analysis/</link>
+ <description></description>
+ <lastBuildDate></lastBuildDate>
+ <sy:updatePeriod>hourly</sy:updatePeriod>
+ <sy:updateFrequency>1</sy:updateFrequency>
+
+</channel>
+</rss>
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/jupyter-notebooks-for-data-analysis/index.php
----------------------------------------------------------------------
diff --git a/blog/jupyter-notebooks-for-data-analysis/index.php b/blog/jupyter-notebooks-for-data-analysis/index.php
new file mode 100755
index 0000000..1931779
--- /dev/null
+++ b/blog/jupyter-notebooks-for-data-analysis/index.php
@@ -0,0 +1,128 @@
+<?php include '../../includes/config.php'; ?>
+<?php
+$bodyclass = "single single-post";
+$pageTitle = "Jupyter Notebooks for Data Analysis - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-136" class="cf post-136 post type-post status-publish format-standard hentry category-uncategorized" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
+
+ <header class="article-header entry-header">
+
+ <h1 class="entry-title single-title" itemprop="headline" rel="bookmark">Jupyter Notebooks for Data Analysis</h1>
+
+ <p class="byline entry-meta vcard">
+
+ <time class="updated entry-time" datetime="2016-09-22" itemprop="datePublished">
+ September 22, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+ <section class="entry-content cf" itemprop="articleBody">
+ <p>
+ <strong>Why Does Apache Spot Include iPython notebooks? </strong>
+ </p>
+ <p>
+ The project team wants Apache Spot to be a versatile tool that can be used by anyone. This means that data scientists and developers need to be able to query and handle the source data to find all the information they need for their decision making. The iPython Notebook is an appropriate platform for easy data exploration. One of its biggest advantages is that it provides parallel and distributed computing to enable code execution and debugging in an interactive environment \u2013 thus the \u2018i\u2019 in iPython.
+ </p>
+ <p>
+ The iPython notebook is a web based interactive computational environment that provides access to the Python shell. While iPython notebooks were originally designed to work with the Python language, they support a number of other programming languages, including Ruby, Scala, Julia, R, Go, C, C++, Java and Perl. There are also multiple additional packages that can be used to get the most out of this highly-customizable tool.
+ </p>
+ <p>
+ Starting on version 4.0, most notebook functionalities are now part of the Project Jupyter, while iPython remains as the kernel to work with Python code in the notebooks.
+ </p>
+ <img src="<?php echo BASE_URL;?>/library/images/iPython-1.png" alt="ipython" class="aligncenter size-full wp-image-140" />
+ <p>
+ <strong>IPython with Apache Spot for Network Threat Detection</strong>
+ </p>
+ <p>
+ <em>NOTE:� This is not intended to be a step-by-step tutorial on how to code a threat analysis in Apache Spot, but more like an introduction on how to approach the suspicions of a security breach.</em>
+ </p>
+ <p>
+ Although machine learning (ML) will do most of the work detecting anomalies in the traffic, Apache Spot also includes two notebook templates that can get you started on this. The <em>Threat_Investigation_master.ipynb</em> is designed to query the raw data table to find all connections in a day that are related to any threat you select \u2013 even connections that were not necessarily flagged as suspicious by ML on a first run. This gives us the chance to get a new data subset and here is where the fun begins.
+ </p>
+ <p>
+ If you suspect of a specific type of attack in your network, you can get the whole story by answering the Five \u2018W\u2019s.
+ </p>
+ <p>
+ <strong><em>What? </em></strong>
+ </p>
+ <p>
+ Maybe there\u2019s been an increase in the logs collected by the system, which indicates abnormal amounts of communication in your network. Or, the amount of POST requests in your network have risen overnight. This is the mystery that needs to be solved by researching through the anomalies previously detected by ML.
+ </p>
+ <p>
+ <strong><em>Who?</em></strong>
+ </p>
+ <p>
+ Assuming you have a network context, you can identify the name of the infected machine inside the network, as well as the name of the IP or DNS on the other side of the connection (if it is a known host). If you don\u2019t have a network context or are using DHCP, this can be a little tricky to detect using only Netflow logs. But, that\u2019s where DNS and Proxy logs, come in handy. Including a network context file with Apache Spot is really simple and can go a long way when identifying a threat.
+ </p>
+ <p>
+ <strong><em>When?</em></strong>
+ </p>
+ <p>
+ To have a broader visibility on the attack, you can customize the queries on the Threat investigation notebook to review the data through a wider time lapse \u2013 instead of just checking through the current day. With this, you could find an increase of a certain type of requests to one (or many) URIs and predict its future behavior.
+ </p>
+ <p>
+ <strong><em>Where?</em></strong>
+ </p>
+ <p>
+ When working only with DNS, having a destination URL might not say much about where your information is going to, but Apache Spot allows you to connect with a geolocation database to identify the location of the suspected attackers IP. Taking advantage of this option, you can visually locate the other end of the connection on a map. You might find that it\u2019s pointing to a country banned by your company, indicating a leak.
+ </p>
+ <p>
+ <strong><em>Why?</em></strong>
+ </p>
+ <p>
+ This answer to \u201cwhy\u201d will depend highly on the result of the analysis. For instance, an excessive amount of POST requests from one machine inside the network to an unidentified URI can indicate a data mining attack. Tracing back to patient zero, you can find that this could have originated with a phishing email, malicious software installed by an employee or a one-time visitor\u2019s infected machine that connected to your network.
+ </p>
+ <p>
+ <strong>How to Get Answers to the Five Ws Questions</strong>
+ </p>
+ <p>
+ All of the previous questions can be answered by looking at the raw data collected. Although performing elaborated queries directly to your database can seem tempting, this type of analysis with Hive, or even Impala, can be very time consuming. A better approach would be to use Pandas to read and transform your dataset into a relational structured dataframe. This lets you work with as if it were an offline structured relational database.
+ </p>
+ <p>
+ Once you have your desired results and data subsets, you can use MatplotLib to easily graph your findings. (We cover this subject in more depth in another post.) Another advantage of the notebook is that you can download it as HTML or a PDF file to store locally and use it in a presentation \u2013 or just keep it for future reference.
+ </p>
+ <p>
+ <strong>Wrap Up</strong>
+ </p>
+ <p>
+ This post was meant to be just a brief introduction of how you can use iPython notebooks in Apache Spot to perform further data analysis and include it our executive report (in addition to the already included Story board). Although this is not the only way you can do this, it is a very interactive and fun way to do it. You\u2019ll also see that the overall processing time is very short \u2013 thanks to the iPython notebook task parallelism ability.
+ </p>
+ <p>
+ We want to hear from YOU! Have you used iPython notebooks before? How do you feel about having this tool in Apache Spot? If you\u2019re interested in further data analysis through interactive charts, a new post is coming soon on D3 and jQuery data visualization. Also, check back soon to read more on this and other Cybersecurity subjects.
+ </p>
+ </section>
+
+ <footer class="article-footer">
+
+ filed under: <a href="../../category/data-science/" rel="category tag">Data Science</a>, <a href="../../category/ipython-notebooks/" rel="category tag">Ipython Notebooks</a>, <a href="../../category/threat-analysis-tools/" rel="category tag">Threat Analysis Tools</a>
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/feed/index.html
----------------------------------------------------------------------
diff --git a/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/feed/index.html b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/feed/index.html
new file mode 100755
index 0000000..ee2f59b
--- /dev/null
+++ b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/feed/index.html
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
+ xmlns:content="http://purl.org/rss/1.0/modules/content/"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:atom="http://www.w3.org/2005/Atom"
+ xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
+
+ >
+<channel>
+ <title>Comments on: Strength in Numbers: Why Consider Open Source Cybersecurity Analytics</title>
+ <atom:link href="http://spot.incubator.apache.org/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/feed/" rel="self" type="application/rss+xml" />
+ <link>http://spot.incubator.apache.org/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/</link>
+ <description></description>
+ <lastBuildDate></lastBuildDate>
+ <sy:updatePeriod>hourly</sy:updatePeriod>
+ <sy:updateFrequency>1</sy:updateFrequency>
+
+</channel>
+</rss>
http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/67c0416b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/index.php
----------------------------------------------------------------------
diff --git a/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/index.php b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/index.php
new file mode 100755
index 0000000..c86b518
--- /dev/null
+++ b/blog/strength-in-numbers-why-consider-open-source-cybersecurity-analytics/index.php
@@ -0,0 +1,69 @@
+<?php include '../../includes/config.php'; ?>
+<?php
+$bodyclass = "single single-post";
+$pageTitle = "Strength in Numbers: Why Consider Open Source Cybersecurity Analytics - Apache Spot";
+$description = "";
+$currentPage = 'blog';
+?>
+<?php include '../../includes/header.php'; ?>
+
+ <div id="content">
+
+ <div id="inner-content" class="wrap cf">
+
+ <main id="main" class="m-all t-2of3 d-5of7 cf" role="main" itemscope itemprop="mainContentOfPage" itemtype="http://schema.org/Blog">
+
+ <article id="post-149" class="cf post-149 post type-post status-publish format-standard hentry category-uncategorized" role="article" itemscope itemprop="blogPost" itemtype="http://schema.org/BlogPosting">
+
+ <header class="article-header entry-header">
+
+ <h1 class="entry-title single-title" itemprop="headline" rel="bookmark">Strength in Numbers: Why Consider Open Source Cybersecurity Analytics</h1>
+
+ <p class="byline entry-meta vcard">
+
+ <time class="updated entry-time" datetime="2016-10-21" itemprop="datePublished">
+ October 21, 2016
+ </time>
+ </span>
+ </p>
+
+ </header>
+ <section class="entry-content cf" itemprop="articleBody">
+ <p>
+ By Rob Kent, Vice President of Marketing at Cybraics
+ </p>
+ <p>
+ Competition is widely considered to be a healthy and positive thing, traditionally viewed as providing options for customers and fueling innovation. In the world of cybersecurity there is no shortage of competition, in fact cybersecurity is one of the most crowded and fast-growing areas of technology. The problem is, with so much competition, are we losing sight of the real goal: protecting our customers against the adversary? With so much focus on competing and winning customers, are we negating one of the most fundamental advantages that we could have in the fight against cybercrime? Cooperation. Our adversaries are not shy about working together\u2026 the community is strong and growing, and while there is no doubt some healthy competition, the sharing of tools and techniques is certainly far more common than in the commercial world. Like Open Source software, security can only benefit and grow through peer-reviewed submissions. Citing Linus Law b
y Eric S. Raymond from his book The Cathedral and the Bazaar, “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix will be obvious to someone.”
+ </p>
+ <p>
+ This, of course, is not new information. People have been pointing this out for years. What is encouraging is that a few organizations are finally stepping up to the plate to try and change this paradigm in cybersecurity. When it comes to cybersecurity, many have touted big data analytics as one of the key initiatives to combat adversaries. The problem is that big data in itself has its own set of challenges, one of the issues is that it is often looked at as a costly problem to store and scale as opposed to being used as another tool in an organization\u2019s arsenal. Apache Spot, a project pioneered by Intel and Cloudera, is aiming to fix this problem.
+ </p>
+ <p>
+ By creating an open source community, the hope is that identifying security threats within large data sets will become a manageable task for all organizations, despite their size or scale. Organizations overwhelmed with their data or those that aren\u2019t seeing results will have a community to turn to along with a common reference to compare results. By working together on Apache Spot, organizations will be able to share their experiences on how they\u2019ve tackled or how they need to tackle these issues with a common system to reference. Data is never going to get smaller across organizations\u2019 core systems, so in many ways an organization just now beginning to dig into their data stores is basically starting from scratch. Having the ability to reference an open common model gives the opportunity for both those starting out and those seasoned, to have an open exchange of varying knowledge.
+ </p>
+ <p>
+ By supporting Apache Spot, Cybraics is hoping to learn as much as we contribute while we collaborate and take part in this Open Source Initiative. With the end result a set of guidelines for organizations to deploy a data analytics platform to find threats within their ecosystem, and a community that will share their experiences with the next generation of data and security professionals, perhaps we can all start actually working together to start leveling the playing field.
+ </p>
+ </section>
+ <footer class="article-footer">
+
+ filed under: <a href="../../category/uncategorized/" rel="category tag">Uncategorized</a>
+
+ </footer>
+
+ </article>
+
+ </main>
+
+ <?php include '../../includes/sidebar.php'; ?>
+
+ </div>
+
+ </div>
+
+ <?php include '../../includes/footer.php'; ?>
+
+ </body>
+
+</html>
+<!-- end of site. what a ride! -->