Malwarebytes

Correlates and Visualizes Data in a Speedy and Efficient Manner

Executive Summary

Malwarebytes is the industry-leading anti-malware and internet security software provider. The company’s innovative real-time security tools detect and prevent malware infections for customers across the globe. The Malwarebytes Data and AI team is able to provide interactive dashboards that trace the trajectories and velocities of detected threats as they spread around the world.

Malwarebytes’ use of Redis Enterprise for fast data ingestion, session management, centralized stateful storage, time series analysis, and geospatial analysis allows the company to aggregate, correlate, and visualize data in a manner and speed it believes would not be possible without Redis Enterprise.

It’s Not Easy Staying Ahead of the "Zombie Apocalypse"

One of the challenges at hand was to create stateful storage for several of Malwarebytes’ lifeblood data streams. “We get billions and billions of records of malware detection information,” says Darren Chinen, Senior Director of Data and AI at Malwarebytes.

As malware is detected, threat details are streamed to a centralized data platform. Stateful environment information is also streamed and collected separately in stateful storage for streaming data joins. “Understanding environment state as malware detections are found in real time is game changing,” says Chinen. “This technology has provided deep insights into malware proliferation, velocities and attack vectors that were previously impossible.”

Transforming Vulnerability Telemetry with Redis Enterprise


Darren Chinen, Senior Director Data & Artificial Intelligence (AI), Malwarebytes, talks about how they store, manage, and deliver big data analytics with real-time heat maps using Redis Enterprise.

Requirements

  • Stateful storage: Overcome the current database's shortcomings in capturing and storing incoming data streams
  • Malware detection in real-time: Join time slices to detect a piece of ransomware that arrived at different dates and times
  • Real-time analytics: Build real-time dashboards to visualize malware velocities

Redis Enterprise Benefits

  • True high availability: Built-in persistence and always-on capability
  • Data structure versatility: Great flexibility in the data types and supported commands
  • Fast data ingest and high performance: Ability to capture large volumes of data in real-time for in-memory analytics

 

“One thing we really liked about Redis Labs was that they were willing to sit with us and help us architect the best solution. Redis Labs keeps a very close watch on how the engineering community is using their product and that was the deciding factor for us.”

Darren Chinen
Senior Director of Data and AI
Malwarebytes

Redis Enterprise Paves the Way

Since its implementation at Malwarebytes, NoSQL Redis Enterprise has become an essential part of the backbone of the company’s real-time streaming layer. Malwarebytes relies on several standout Redis features uniquely suited to its challenging use cases.

  • In-memory processing: The blazing fast performance of in-memory Redis is critical in addressing Malwarebytes’ incredibly high throughput, requirement for real-time streaming joins, and need to access massive amounts of data at caching speeds.
  • Sophisticated data structures: The database’s Set, Hash, and Geo Set data structures optimize the complex time series and geospatial analyses that power Malwarebytes’ dashboards.
  • Centralized stateful storage: Redis provided the much-needed real-time indexing and retrieval capability for us to create joins on streaming data, and using Redis solved our problem by providing a blazing fast, centralized stateful storage.