Data fabric federation is an architecture approach that centralizes data from various sources, often using an extract, transform, and load (ETL) process, and normalizes the data between many domains for correlated insights and queries. This approach also decouples storage and compute so that the queried data can be stored and accessed remotely in a cloud-based storage solution like a modern data lake.
Benefits
Some benefits of data fabric federation for security data include:
Nearly unlimited scalability by decoupling storage and compute which can then be components that scale independently
Manage long-term data storage costs for low value or underutilized data by directing to cloud-based repositories
Data products that multiple data consumers can reuse
Considerations
Some considerations when using a data fabric federation include:
Increased cloud storage costs as volume increases
Slight time lag during queries as the analytics tool pulls data from cloud repository
Compute costs for analyzing data
For example, the security data fabric from DataBee® enables organizations to correlate events from across complex, diverse IT and cybersecurity technologies by normalizing and flattening security data and creating a time-series dataset. This enables the organization to correlate data points and create a narrative that helps answer the following questions for a security incident:
Who
What
Where
When
With that information, stakeholders gain insights that enable them to answer security and compliance questions faster.
