Like in a lot of areas of life, cyber marketing moves through fads. And we’re clearly seeing a fad these days around the term “Data Fabric for Security.” I’m in marketing, and have been for decades, but I can’t stand bad marketing, and playing buzzword bingo is bad marketing.Posts from Pramod Gosavi, Cole Grolmus, and Tyler Shields extolling the benefits of Data Fabrics have garnered a lot of attention, and we’re now seeing vendors rushing to adopt the term. The problem is, it’s not a catchphrase – it’s a well-defined architecture. Happily, it only takes a few questions to spot the imposters, and I share them here.Why the rush to this latest security buzzword? It turns out, security has a data problem. SecOps teams are drowning in data but still thirsting for meaningful insights. A Data Fabric for Security can aggregate and synthesize security findings and business context to yield clear direction on reducing risk and mitigating threats, providing a powerful foundation for proactive and reactive security.Playing bingo because “it just sounds good”Given the power that a Data Fabric for Security can have on reducing risk, we shouldn’t be surprised to see vendors jumping on this bandwagon. Ahead of RSA a few weeks ago, I was catching up with a buddy, and he clearly felt no twinge of guilt that he and his company are playing buzzword bingo.Our chat:Friend: “We totally stole the Avalor [our company that Zscaler bought] messaging about Data Fabrics. We call our product a Data Fabric for AppSec.”Me: “Wow – so your platform is built on a Data Fabric?”Friend: “No, but that doesn’t matter. It just sounds good.” Me: “Uh …”Turns out, it’s easy to get caught, um, fabricating things. Because a Data Fabric for Security is not a marketing term. Actual engineers who deeply understand data have been building data fabrics for more than a decade to support powerful analyses. The team that founded Avalor had built a Data Fabric for Marketing at the company Datorama, which Salesforce bought in 2018. Avalor, founded in early 2022, was the first company to build a data fabric purpose built for security. The founding team at Avalor saw that much like with marketing, security was swimming in data, and the inability to distill signal from noise makes it hard to do security well. Zscaler recognized the power and extensibility of the Data Fabric and bought Avalor less than a year after we came out of stealth.The Data Fabric for Security is remarkable in having a data model this is both flexible – you can easily add new entities to it – and opinionated – it’s pre-populated with entities and relationships that help solve security problems. You can learn more from this in-depth whitepaper.We’ve been able to accelerate our innovation within Zscaler, and we now support multiple applications on top of the Data Fabric for Security – Asset Exposure Management, Unified Vulnerability Management, and Risk360 to enable effective exposure management today, with additional use cases to be announced in a couple weeks.How to spot the fakesSo in the midst of a big game of buzzword bingo, how can you spot the impostors?Luckily, it's pretty easy – just ask to see the data fabric in action. If a vendor’s platform is actually powered by a data fabric, they will be able to show you the following attributes:data transformation – unlike a data lake or a data warehouse, a data fabric transforms the data; it must harmonize, deduplicate, correlate, and enrich data to yield new insights. Ask to see those data transformations.entities – ask to see the data fields that constitute the data model at the heart of the fabric.mapping – request that the demo show how the platform maps source data to the entities in the data model.data lineage – ask to see an example of the details on which sources contribute to the correlation and enrichment of a given entity.data graph – request to see the graphing in action, with a visual depiction of entity relationships.expandability – ask the vendor to show how you can add new entities to the data model, from any data source, in any structured format.transparency and customization – ask to see the formulas or logic that creates any result, including risk calculations, security metrics such as mean time to remediation (MTTR), or findings such as assets missing prescribed controls. You should also be able to change the math or formulas easily. So grab your bingo cards and jump into the game, because now you’ll have no problem separating the fakes from the real thing. If you want to see how our exposure management solution can help you reduce risk faster, request a demo today. We’d be delighted to show you the power of our Data Fabric for Security in action.
↧