Terbium Labs Leverages MapR to Help Power Discovery of Stolen Data on the Dark Web

By CIOReview | Monday, September 7, 2015

SAN JOSE, CA:  MapR Technologies, a provider of the top-ranked distribution for Apache Hadoop, announces that Terbium Labs, a security software company that proactively searches for stolen data on the Dark Web using a patented, privacy-protected, data fingerprinting technique, is using the MapR Distribution as the big data platform for Matchlight, a first-of-its-kind data intelligence system. The data-centric solution closes the breach detection gap and minimizes the damage, loss and risk caused by a data breach, which costs corporations and consumers billions of dollars annually.

Terbium Labs developed the highly scalable, cloud-based Matchlight system to continuously crawl the Internet, including the Dark Web, where veiled criminal activity often takes place. The average data breach takes more than 200 days to discover, giving adversaries months or even years to exploit a security incident.  With Matchlight, identification of stolen data takes just minutes.

Relying on the MapR Distribution, the new Matchlight system registers digital fingerprints of data, which range from valuable source code to corporate documents, and searches for stolen data by comparing them to data gathered across the Internet. This one-way fingerprinting ensures total privacy and means that clients don’t have to reveal their information in order for Terbium Labs to search on their behalf.  There are currently more than 350 billion data fingerprints in its database, which continues to grow by ten to fifteen billion every day.  Operating on all types of digital assets, the Matchlight system is able to discover unexpected appearances of sensitive information, alerting companies immediately and automatically to potential data breaches. For example, the system was able to identify as many as 30,000 newly stolen credit cards and 6,000 newly compromised email addresses for sale on the Dark Web in a single day.

“We want to shut down the market for stolen data by reducing the time to detect a breach and thereby minimize the damage,” says Danny Rogers, CEO and Co-founder of Terbium Labs.  “Because the data fingerprints we collect from companies are extremely complex, we require a data platform that is more stable and efficient than the Java-heavy Hadoop distributions. MapR shines as the only Hadoop distribution that can reliably exceed our demanding volume, scale and speed requirements.”

The MapR Distribution is uniquely architected to be more resource efficient than other Hadoop distributions, which results in a significantly lower per-fingerprint storage and processing cost for Terbium. MapR provides enterprise-grade features such as high availability, recovery, security and full data protection and also enables Terbium Labs to dramatically scale the Matchlight system.

“We can easily get into trillions of fingerprints,” says Michael Moore, CTO and co-founder of Terbium Labs. “The only way we can get into that scale is with MapR.  We are only as good as the data we collect and our ability to collect more data depends on this key piece of technology.”

“Customers continue to select MapR for addressing security and risk management requirements,” says Jack Norris, CMO, MapR Technologies.  “We are very pleased that Terbium Labs relies on our platform as the foundation for their sophisticated analytics system to identify data theft. This further reinforces our leadership position in technical innovation, and our software’s proven advantages and ability to positively impact our customers’ business operations.”