When processes like tool procurement can’t provide the right solution for the job, you’re better off building one yourself. That’s exactly what Comcast did with its new data fabric tool, designed internally over a three-year period before its commercial debut, to help companies with cybersecurity and data center management.
Internal development allowed Comcast to refine the software, called DataBee, and assess its cost-saving and security benefits, Nicole Bucala, VP and general manager of Comcast’s Cybersecurity BU, told IT Brew. That helped the company sidestep tool procurement and build out a single solution on their own.
“You go down one path and you learn a little bit, then you pivot, then you learn a little bit, then you pivot again,” Bucala said.
New beginnings. “Data fabric” refers to the integration architecture that allows users to work within data centers and clouds to manage data and information. Data compartmentalization and management are quickly becoming major issues for institutions that have huge amounts of information to sort through and oversee—data that can be located in servers, the cloud, or a hybrid model.
DataBee works by scrubbing and siloing data at rates that allow big companies and organizations to target and expose cybersecurity threats.
The software is hosted on AWS and uses a data cloud from Snowflake to store and catalog inquiries. The storage is likely to encompass years of inquiries from multiple, disparate sources due to the attack scenarios the software is expected to handle.
Comcast has hybrid data sources, Bucala said, with costs for sorting and storage increasing annually. The company developed DataBee in part to help defray that expense and to allow CISOs and other IT managers to manage complex data across silos and networks to answer regulatory questions and quickly respond to security challenges.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
The results were encouraging.
“It saved us millions and millions of dollars in duplicative storage costs, which is a tremendous priority…We had never seen results like that with any other tool set,” Bucala said. “The second thing was it sped up the time that our threat hunters were working by 3 times. It’s a cloud native platform, so they could actually search for multiple threats in parallel.”
In action. That can mean facilitating better EDR deployment. By utilizing DataBee to parse multiple sources of data, DataBee regularly outperformed SDRs and sims, Bucala said, “They don’t do it as elegantly as this type of architecture.” It can also apply to GRC compliance, allowing companies to more easily navigate the at-the-time labyrinthine regulatory requirements imposed on businesses.
“Our GRC analysts can literally send an email with a very detailed report to a manager, to that manager’s manager, to that manager’s VP, all the way up the reporting chain and measure and say, ‘This is your percentage of compliance, and here are the specific people, the specific users, the specific assets, that don’t have that agent deployed on it,’ so they can take immediate action,” Bucala told IT Brew.