Machine learning: Security product or feature?

Around 2010, security analytics technologies started to integrate big data science and open-source technologies like Hadoop (and HDFS), Pig, Mahout, etc. The goal? Ingest, process, and apply new types of algorithms to security data to supplement human intelligence for finding needles in growing haystacks of security data. The U.S. Department of Energy was an early pioneer in this area with a project called Orca from the Oak Ridge National Lab. Since then, big data security analytics sort of morphed into machine learning, which led to the creation of a new security technology category: user and entity behavior analytics (UEBA). UEBA was designed to monitor user behaviors such as logins, remote access, network connections, etc., model "normal" behavior, and then detect anomalies that may indicate an attack in progress.