Case Study: Sophos achieves faster, scalable malware detection and improved security with Datameer

Sophos increases security with big data analytics

Sophos, a nearly 30-year-old security company that protects networks used by roughly 100 million people and 100,000 businesses, faced rapidly growing volumes of telemetry and malware metadata—hundreds of thousands of new suspicious files and billions of lookups daily. Their legacy SQL systems couldn’t scale, forcing costly filtering and slowing threat correlation and ad-hoc analysis.

Sophos adopted Datameer on Hadoop to get a scalable analytics platform with an Excel-like, point-and-click interface so analysts could build algorithms and run billions-row jobs without coding. The solution eliminated pre-filtering, sped malware detection and trend analysis, and empowered researchers and product teams to mine telemetry (2–3 TB/month) for improved detection performance and broader operational insights.

Sophos

Dmitry Samosseiko

Director of Global Threat Research