Aviva Zacks of Safety Detective sat down with Zack Shoylev, Developer Advocate at Netdata, and learned all about how his company’s monitoring can predict a security breach.
Safety Detective: What drew you to this career path?
Zack Shoylev: My dad taught graduate-level computer science, so we always had an abundance of electronic devices around with little to no entertainment on them aside from what you could make them do by modifying them. Unsurprisingly, that’s a good recipe for learning various shells and languages, especially if there are also some books lying around (the MS-DOS 3.2 Manual and the Kernighan & Ritchie C Programming Guide come to mind).
SD: How does Netdata help detect security threats to infrastructure?
ZS: The industry nowadays uses multiple tools and heuristics to determine if a breach has occurred. Since Netdata can provide out-of-the-box, high-granularity monitoring, it can be indispensable in detecting certain conditions that could indicate a security breach, such as sudden changes in resource utilization, bandwidth consumption, errors and abnormal application conditions. In a few cases, Netdata can also predict such cases. There are many types of detectable anomalies that can lead to the automatic discovery of a breach that can be found in the hundreds of meaningful metrics and alarms Netdata supports. And because of its modular nature and data export capabilities, Netdata can also be integrated with dedicated security monitoring and analytics tools.
SD: What types of industries use (or should use) Netdata’s technology and why?
ZS: Netdata zooms into the infrastructure, surfacing details and insights that are in most cases not visible to other solutions. This is critical for cloud computing mainly because these environments are shared, so the availability of their resources is neither linear nor predictable. Also, IoT environments can take advantage of the distributed nature of Netdata, allowing them to embed a powerful health monitoring engine, capable of running autonomously at the edge.
SD: What is the worst cyber threat today?
ZS: Insider threats and state actors have the potential to cause the most disruption to organizations in terms of economic and functional losses, even if such attacks are comparatively rare.
SD: How will cybersecurity develop over the next few years?
ZS: Using open-source software is a great way to mitigate security concerns, but a growing threat is the number of open-source software projects with known security vulnerabilities or relying on other projects with such vulnerabilities. Opt for open-source, and make sure the projects you picked have large, active communities—like Netdata. And if you can, contribute back.