A New Strategy for DDoS Protection: Log Analysis on Steroids
2020-08-26 06:49

To handle the CDN log data spikes inherent in DDoS attacks, organizations often guesstimate how much compute they may need and maintain that higher level of resources for their logging solution.

The security team would then use Kibana to interact with the Cloudflare log data to triage DDoS attacks as they occur.

The growth in log data from HubSpot's rapid customer base expansion was compounded by the fact that DDoS attacks themselves inherently generate a massive spike in log data while they are occurring.

Turning their S3 cloud object storage into a searchable analytic data lake so Cloudflare CDN and other security-related log data could be easily cleaned, prepared, and analyzed in place, without data movement or schema management.

In addition to storing and analyzing externally generated log data within their S3 cloud object storage, HubSpot will be storing and monitoring internal security log data to enhance insider threat detection and prevention.

Incorporating a data lake philosophy into your security strategy is like putting log analysis on steroids.


News URL

https://www.infosecisland.com/blogview/25272-A-New-Strategy-for-DDoS-Protection-Log-Analysis-on-Steroids.html