Security Experts:

Hitting the Right Note With a Security Delivery Platform

In 1985, F. Murray Abraham won the Academy Award for Best Actor for his masterful performance as the cynical Salieri in the movie Amadeus. I loved that movie. From Wolfie’s maniacal and childlike laughter throughout to the choice scene when Salieri recounts his sneak peek at Mozart’s Serenade for Winds, K.361: 3rd Movement:  

“On the page it looked nothing. The beginning simple, almost comic. Just a pulse. Bassoons and basset horns, like a rusty squeezebox. And then suddenly, high above it, an oboe. A single note, hanging there, unwavering. Until a clarinet took over and sweetened it into a phrase of such delight! This was no composition by a performing monkey! This was a music I'd never heard. Filled with such longing, such unfulfillable longing, it had me trembling. It seemed to me that I was hearing the voice of God.”  

Mozart was a musical genius. As per Salieri, it was as if the man himself were a conduit for the voice of God. Not only did Mozart seem to possess a unique ability to see music in motion, but he could pluck from heaven the best bits and string them all together into these unimaginable and unforgettable symphonies.  

What if something similar were possible with security?

Symphony in SDP Major

To conduct a symphony, you don’t have to be a prodigy like Mozart, but you do have to be at least as smart as Salieri—who had the right training, expertise, and instruments on hand to get the job done. When it comes to security, rather than the ability to recognize that something is beautiful, it’s about having the right tools to both recognize a sour note (coming from anywhere in your infrastructure) and investigate further to determine if there is something sinister behind it.  

In and of itself, a security delivery platform does not offer security—just as a conductor does not necessarily compose or play music. A conductor’s main job is to direct—because he knows music, knows how to lead an orchestra, knows how to get the most out of the musicians and their instruments. And like a conductor, a security delivery platform is designed to orchestrate and automate for better visibility—because it knows and understands security, with the benefit of having a pervasive network view.   

Not to call a security delivery platform the second coming of Mozart, but as the man saw music in motion, a security delivery platform can see and help secure data in motion. In fact, it is becoming a foundational building block of any cybersecurity strategy. A security delivery platform lets organizations deploy and scale a wide range of security solutions. It delivers visibility into lateral movement of attackers, accelerates detection of data theft activity, and can significantly reduce the overhead, complexity, and costs associated with security deployments. With the growing sophistication of today’s cyber threats, it is no longer sufficient to focus on security applications alone. The new and critical pieces of the puzzle are how to deploy those solutions and how to ensure they get consistent access to relevant data.  

For the most part, security tools work independently. And yet, all of these different tools need the same data and often need to talk to one another. The problem is that they all have their own APIs, but who wants to go ahead and write to 50 different APIs? That’s an N-squared problem. A better plan is to leverage a security delivery platform that all the tools can plug into; that acts as a conduit for communications between them to improve interoperability; and that provides managed intervention for automating processes around security workflows and reducing the time from detection to containment.

Rock Me Metadata

Just as Salieri described Mozart’s piece, when independent instruments can come together with the right notes and at the right tempo, they can create something grander and more beautiful than themselves—to become a whole that is greater than the sum of its parts. Had he caught a passing glimpse, say, into some Silicon Valley conference room, he may have decided to share:  

“On the PPT slide it looked nothing. The architecture simple, almost comic. Just an antivirus. IDS and IPS, like every other security stack. And then suddenly, high above it, a security delivery platform. An encrypted SSL traffic stream, hanging there, uninspected. Until a metadata engine took over and sweetened it into a phrase of such delight! This was no security from an average solution provider! This was a protection I’d never seen. Filled with such visibility, such unbelievable visibility, it had me trembling. It seemed to me that I was sensing the ever-watchful eyes of the mythological god Argus.”

Erin O’Malley is an incident response delivery support manager at Accenture Security, FusionX, Cyber Investigation and Forensics Response (CIFR), where she teams with incident responders and threat hunters to document and catalog incident report findings and highlight the value of taking an adversary-based approach to minimize the risk, exposure, and damage of cybersecurity incidents. Prior to joining Accenture, Erin was a security solutions marketing manager at Gigamon. Other past roles have included product marketing for virtualization and cloud security solutions at Juniper Networks and customer marketing at VMware. She has written and edited for GE Digital, WSGR, Business Objects, and the TDA Group, and holds a B.A. in French from Penn State University and an M.A. in French from Middlebury College. The opinions and statements in this column are solely those of the individual author, and do not constitute professional or legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. No representations or warranties are provided, and the reader is responsible for determining whether or not to follow any of the suggestions or recommendations, entirely at their own discretion.