Veramine Uses ScyllaDB for Intrusion Response and Threat Detection

ScyllaDB provides Veramine a low-latency NoSQL database with extremely low administrative overhead and high stability.

Transcript

My name is Jonathan Nance. I'm a CEO of a cybersecurity company called Veramine. We're located in the Seattle area.

We've been using ScyllaDB for a couple of years now. We collect endpoint telemetry and funnel that to a central server, and we attempt to find attacker activity on compromised endpoints that way.

We're trying to collect everything you would ever want to know about what goes on in a computer and centralize it and run algorithms on that data. So it's a big data challenge.

We started out naively trying to use Postgres for this problem and quickly got away from that and switched to Cassandra. Cassandra actually had enough throughput and it was okay. The problem was every week Cassandra was crashing or we had to deal with garbage collection. We built all these elaborate throttling and filtering systems so we wouldn't crush Cassandra and put all this infrastructure just to keep Cassandra alive. The main thing we love about ScyllaDB is that you don't do any of that. You just stream data to it and it doesn't crash.

Even if the performance of ScyllaDB were no better than Cassandra (and it is way better), but even if it were only as good performance as Cassandra, it would still totally be worth it for us based on the reduced management problem that ScyllaDB presents as compared to Cassandra.