Comcast helps Fortune 500s hunt down cybersecurity threats with 'DataBee'

A platform developed internally by Comcast to scrub data and keep cybersecurity threats in check has been turned into a product now being offered to enterprises.

Comcast Technology Solutions (CTS), a division of Comcast that syndicates or sells other products developed internally such as X1 and VideoAI, is now pitching the new cybersecurity product under the DataBee brand.

Targeted primarily at Fortune 500 companies, DataBee's roots tie back to a platform developed by Comcast EVP and Chief Information Security and Product Privacy Officer Noopur Davis and her team.

Figure 1: (Source: Marcos Alvarado/Alamy Stock Photo)

Internal roots

Three years in development, Comcast now uses the platform across its security operations center operators, governance, risk and compliance (GRC) analysts and others focused on hunting down cybersecurity threats, such as malware or a VPN mismatch, or ensuring that security controls are operating correctly. After the platform was validated internally and deployed at scale within Comcast, CTS now offers DataBee to the broader marketplace.

Comcast estimates that the platform, scaled to more than 200,000 employees, has saved the company more than $15 million annually via a more efficient storage system that manages about 10 petabytes of data. That platform has also enabled Comcast to accelerate its detection of cybersecurity threats and reduce false positives by 35%, the company said.

"When new threats or malware are discovered, we can now identify and act on indicators of compromise within minutes," Davis said in a statement.

Nicole Bucala, VP and GM of DataBee, explains that DataBee takes data sources from across the enterprise, including logs and security tools, and ties them together into a secure data pipeline to be analyzed.

"It's all about taking these disparate sources of data and really weaving it so that all the data resides together … in a [secure] data lake that is easily retrievable by an analyst," she explained from last week's RSA Conference in San Francisco.

CTS is using AWS to host DataBee as a cloud-native, software-as-a-service platform backed by dashboards and analytics that pertain to compliance and threat-hunting use cases. Below that, DataBee also uses a data cloud from Snowflake, a data lake specialist, to store, process and analyze computationally-intensive queries required to support the range of cybersecurity use cases enabled by DataBee.

"By partnering with Snowflake, which is a cloud native data lake that is widely deployed in the enterprise, we're able to offer the power of our technology and our data processing," explained Bucala, an exec who previously was with Zscaler, Illusive Networks and RSA Security. That combo also enables DataBee to store huge amounts of data, potentially for years, in a more cost-effective way than traditional storage methods, she adds.

First product from new cybersecurity unit

DataBee is the first product offering from a cybersecurity business unit within CTS created in the second half of 2022.

"Fortune 500 is our target market," but DataBee also has the ability to scale below that, Bucala said.

CTS hasn't announced any DataBee customers by name. But Bucala said CTS has already secured some "design customers," including two Fortune 500 firms — a financial services and insurance firm and a bank.

"We're seeing traction around some of these financial services accounts that want to see the same outcomes that we saw, specifically around cost savings, greater efficiency, and bringing security into the concept of having a global enterprise data strategy," Bucala said.

DataBee's competition includes AWS, which introduced a security lake product last November, as well as startups such as Cribl.

Security being tied to broader enterprise data strategies

"This really is a new, and now very hot space," Bucala said. "We're at the beginning of what's going to be a transformative trend in security, where the next ten years is going to be all about the data and all about how you have an architecture that enables security to fall under kind of a global enterprise data strategy."

That's starting to come together as data breaches and cybersecurity incidents become increasingly prevalent. In the telecom and media industry alone, CommScope, Fubo, T-Mobile and Dish Network are among companies that have been forced to grapple with troubling cybersecurity incidents in recent weeks and months.

"We're seeing security come under the umbrella of a global data strategy," Bucala said. "So, I think that's a really exciting thing is to start to see security blend with broader IT data strategies."

Related posts:

— Jeff Baumgartner, Senior Editor, Light Reading