Hi Iranga, Valid point. There is a certain amount of overlap between security anlaytics and api invocation related analytics (because they use similar security mechanism). As we progress, we are hoping to figure out how we can employ the relevant security analytics for APIM. And this will not stop at APIM, if there are any similar applications of security analytics in any other products this could be integrated.
seshi On Tue, Feb 2, 2016 at 3:06 PM, Iranga Muthuthanthri <ira...@wso2.com> wrote: > Would there be a way we can integrate Security Analytics with lets say API > Analytics, lets say if there is a fraud detected due to several API Calls > can we find out out from which API calls and calling which backend service? > > On Tue, Feb 2, 2016 at 11:30 AM, Seshika Fernando <sesh...@wso2.com> > wrote: > >> @Lahiru: +1. I'm hoping to analyze the data that we can get from IS so >> that we can design some more, relevant analytics from it. I'll add more >> authorization specific analytics as you have mentioned. >> >> @Srinath: +1. I'll change the line graphs to this. >> >> On Tue, Feb 2, 2016 at 9:33 AM, Srinath Perera <srin...@wso2.com> wrote: >> >>> Hi Seshika, >>> >>> Thinking about this, I think we should replace the line chart with a >>> Heatmap that has time (as days) as X axis and user, role, service provider, >>> ip ( user can pick any) y axis because heatmap is much better on drill down >>> and exploration. >>> >>> >>> [image: Inline image 2] >>> Then user can click on any cell and see more information. However, we >>> will have to create in grouping things like IP address to manageable number >>> of groups in Y axis. >>> >>> Let's chat more. >>> >>> --Srinath >>> >>> >>> On Mon, Feb 1, 2016 at 11:30 PM, Lahiru Sandaruwan <lahi...@wso2.com> >>> wrote: >>> >>>> Hi Seshi, >>>> >>>> I think we can consider Authorization stats also. Since WSO2 IS has a >>>> good implementation of XACML spec, we can collect stats on, the requests >>>> allowed, denied, with which granularity, etc. >>>> >>>> Thanks. >>>> >>>> On Mon, Feb 1, 2016 at 1:59 PM, Seshika Fernando <sesh...@wso2.com> >>>> wrote: >>>> >>>>> Hi all, >>>>> >>>>> 'Security Analytics' is basically providing useful analytics for the >>>>> WSO2 Identity Server product through the use of WSO2 DAS. After discussing >>>>> with IS guys (Prabath and Johann) we initiated a Security Analytics >>>>> roadmap >>>>> and I'm currently in the process of identifying and detailing the Security >>>>> Analytics needs. >>>>> >>>>> In this process we discovered that security analytics can be dealt in >>>>> 2 ways... >>>>> >>>>> 1. Presentation of Identity Analytics - Analyze available identity >>>>> data from logs, audit trails etc; and enable users to view results it >>>>> in >>>>> many ways. >>>>> 2. Adaptive Analytics - Analyze identity data (historical and >>>>> realtime) to identify anomalous patterns and feed the decisions back >>>>> into >>>>> the Identity server to enable additional checks >>>>> >>>>> We will first focus on Presentation of Identity Analytics and the >>>>> attached document is a WIP description of the type of analytics we want to >>>>> have. >>>>> >>>>> Open for suggestions. >>>>> @Johann, @Prabath: Comments are mandatory from you guys. :) >>>>> >>>>> seshi >>>>> >>>>> 1. >>>>> https://docs.google.com/a/wso2.com/document/d/1qWzo20hrzOXPyoTuyfk9J40agUnvuSK5yNtwmlTZxcU/edit?usp=sharing >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> Architecture@wso2.org >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> -- >>>> Lahiru Sandaruwan >>>> Committer and PMC member, Apache Stratos, >>>> Senior Software Engineer, >>>> WSO2 Inc., http://wso2.com >>>> lean.enterprise.middleware >>>> >>>> phone: +94773325954 >>>> email: lahi...@wso2.com blog: http://lahiruwrites.blogspot.com/ >>>> linked-in: http://lk.linkedin.com/pub/lahiru-sandaruwan/16/153/146 >>>> >>>> >>> >>> >>> -- >>> ============================ >>> Blog: http://srinathsview.blogspot.com twitter:@srinath_perera >>> Site: http://people.apache.org/~hemapani/ >>> Photos: http://www.flickr.com/photos/hemapani/ >>> Phone: 0772360902 >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Thanks & Regards > > Iranga Muthuthanthri > (M) -0777-255773 > Team Product Management > > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
