A new free tool from Adobe promises improved data processing and threat analysis of log data.
Adobe has released One-Stop Anomaly Shop (OSAS), which it calls a “one-stop shop” for data processing, as open source. The tool is intended to help security teams discover anomalies in datasets.
Now available on GitHub, OSAS has been developed to make the detection of abnormalities in datasets easier. It also improves the processing and format of large chunks of security log data.
Adobe developed OSAS based on its vendors’ past security research and other open-source projects. According to the tech giant, the solution offers an ‘out of the box’ system for dataset experimentation and processing, and allows developers to find ways to “shorten the path to finding a balanced solution for detecting security threats.”
To this end, OSAS leverages Hubble, an open-source compliance monitoring tool.
According to Adobe, security logs are increasingly complex and messy and may not support machine learning (ML)-based analysis tools. This creates data sparsity and makes it hard to turn unstructured data into structured, usable sets.
The command-line interface (CLI) toolset applies a two-step process to datasets to make sense of security logs. In the first step, it tags raw data with field types such as “multinomial, text, and numeric values,” the team says. In addition, it is possible to label content based on set rules, Adobe says.
As a second step, the labels are used as input features for generic (unsupervised) or targeted ML algorithms. At present, there are three standard options, but Adobe plans to expand the tool’s functionality in the future.
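The two-step process described above, sketched as an added example; this is not OSAS code and does not use its API. The field names, label names, thresholds and sample events are assumptions constructed for illustration.

```python
import math
import statistics
from collections import Counter

# Constructed sample events (not real log data); field names are assumptions.
EVENTS = (
    [{"user": "alice", "bytes": 500 + 10 * i, "cmd": "ls -la /home"} for i in range(10)]
    + [{"user": "bob", "bytes": 600 + 10 * i, "cmd": "cat notes.txt"} for i in range(9)]
    + [{"user": "svc-backup", "bytes": 90000, "cmd": "curl -o /tmp/x.bin"}]
)

def label_events(events, rare=0.1, z_cut=3.0):
    """Step 1: tag each raw field according to its type (hypothetical label names)."""
    n = len(events)
    users = Counter(e["user"] for e in events)             # multinomial field
    sizes = [e["bytes"] for e in events]                   # numeric field
    mean, sd = statistics.mean(sizes), statistics.pstdev(sizes)
    tokens = Counter(t for e in events for t in set(e["cmd"].split()))  # text field
    out = []
    for e in events:
        labels = set()
        if users[e["user"]] / n < rare:
            labels.add("USER_RARE")
        if sd and abs(e["bytes"] - mean) / sd > z_cut:
            labels.add("BYTES_OUTLIER")
        if any(tokens[t] / n < rare for t in e["cmd"].split()):
            labels.add("CMD_RARE_TOKEN")
        out.append(labels)
    return out

def score_events(labelled):
    """Step 2: unsupervised score, the sum of -log(frequency) over an event's labels."""
    n = len(labelled)
    freq = Counter(label for labels in labelled for label in labels)
    return [sum(-math.log(freq[label] / n) for label in labels) for labels in labelled]

def top_anomaly(events):
    """Return (index, labels, score) of the highest-scoring event."""
    labelled = label_events(events)
    scores = score_events(labelled)
    i = max(range(len(events)), key=scores.__getitem__)
    return i, sorted(labelled[i]), scores[i]

if __name__ == "__main__":
    print(top_anomaly(EVENTS))
```

Because the score depends only on how rare each label is across the dataset, no labelled attack data is needed; the trade-off is that anything unusual scores high, benign or not.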
Adobe has released OSAS’ full code on GitHub and also provided a Docker version.