Intel IT Builds A Cyber Intelligence Platform

Intel IT’s Apache Kafka data pipeline provides in-stream processing for faster security threat detection and response.

At a glance:

  • Intel’s Information Security organization ingests approximately 18 TB of data per day—equivalent to 18 billion events—on the message bus.

  • Intel invested in a modern, scalable Cyber Intelligence Platform (CIP) using Kafka and Splunk. Intel IT selected Confluent as their Kafka partner to help with the typical pain points and risks that accompany pure open source software deployments.

Executive Summary

Advanced cyber threats continue to increase in frequency and sophistication, threatening computing environments and impacting businesses’ ability to grow. More than ever, large enterprises must invest in effective information security, using technologies that improve detection and response times. At Intel, we are transforming from our legacy cybersecurity systems to a modern, scalable Cyber Intelligence Platform (CIP) based on Kafka and Splunk. In our 2019 paper, Transforming Intel’s Security Posture with Innovations in Data Intelligence, we discussed the data lake, monitoring, and security capabilities of Splunk. This paper describes the essential role Apache Kafka plays in our CIP and its key benefits, as shown here:

Apache Kafka is the foundation of our CIP architecture. We achieve economies of scale as we acquire data once and consume it many times. Simplified connection of data sources helps reduce our technical debt, while filtering data helps reduce costs to downstream systems.

Intel vice president and Chief Information Security Officer, Brent Conran, explains, “Kafka helps us produce contextually rich data for both IT and our business units. Kafka also enables us to deploy more advanced techniques in-stream, such as machine-learning models that analyze data and produce new insights. This helps us reduce mean time to detect and respond; it also helps decrease the need for human touch. Kafka technology, combined with Confluent’s enterprise features and high-performance Intel® architecture, supports our mission to make it safe for Intel to go fast.”

Read the white paper — IT@Intel: Building a Modern, Scalable Cyber Intelligence Platform with Apache Kafka