Almost all of the major breaches in the past have shown that the SOC/SIEM failed to do its job and alert the client to the breach. What are SOC/SIEMs missing, and why? And how do we fix this problem? The search for the proverbial needle in the haystack has become a daunting task, as the haystack is now phenomenally big. How can Big Data help determine security intelligence?
This training workshop will explore addressing this problem using big data analytics, leveraging Hadoop, ElasticSearch, Logstash, Kibana and Beats along with a layer of Machine Learning on top of this data to determine active compromises in your network and possible fraud leads, and to visualize all this information for better perception by the human eye. As this is a completely hands-on workshop, participants will be taken through the steps of implementing ELK and Hadoop as well as installing the Apache Metron project, which is built on the same principles. Logs from real-world scenarios will be shared and analytics run on these to see the real value that a Big Data setup can deliver.
KK is one of the pioneers of information security in India. He began his firm as a one-man show in 2001, and it has now grown to a team of over 250 consultants spread across multiple locations in India and the Middle East. He is a trusted consultant and trainer to organizations all across the globe on various aspects of information security. He is well-versed in the security challenges of various industry verticals, and also in international standards and frameworks such as ISO 27001, PCI DSS, COBIT, HIPAA, etc.
He is the author of two books (on Linux Security and on the Metasploit Framework) and of numerous articles on information security. He was the first security researcher from India to present at Blackhat in 2004 (on ‘Detection and Evasion of Web Application Attacks’) and since then has spoken at numerous conferences such as Interop, OWASP, NullCon, etc. He is currently overseeing the research activities within NII focused on the use of big data in security, building various automation solutions, and the security impact of the Internet of Things.
Wasim is one of the most senior consultants at NII. He started as a fresher about 8 years back and since then has been involved in various technical assessments in different industries and business verticals within India and internationally. He currently serves as the Head of the Innovations and Research (InR) team at NII, where he is responsible for introducing new ideas, tools and vectors for the Security Assessment practice. He also works to introduce new service models that NII can provide to its clients.
As part of his current research, he is leading a team to overcome limitations within existing security monitoring solutions by exploiting advancements in Big Data, Analytics and Machine Learning, to improve threat intelligence and monitoring and enable early detection of advanced threat actors.
Wasim is also actively involved in the Info-Sec community in India. He leads the NULL chapter in Mumbai and has participated in conferences like OWASP, SecurityByte, and Malcon.
Date: 26th – 28th September, 2016
The workshop is split into two parts:
This course goes deep into networking, systems, web applications and actual exploitation, and helps beginners take a confident first step into the information security field.