Big Data for Security Analytics

Introduction

Almost all of the major breaches of the past have shown that the SOC/SIEM did not do its job well and failed to alert the client to the breach. What are SOC/SIEMs missing, and why? And how do we fix this problem? The search for the proverbial needle in the haystack has become a daunting task, because the haystack is now phenomenally big. How can Big Data help produce security intelligence?

This training workshop will explore addressing this problem with big data analytics, leveraging Hadoop, Elasticsearch, Logstash, Kibana and Beats, with a layer of Machine Learning on top of this data to identify active compromises in your network and possible fraud leads, and to visualize all of this information for better perception by the human eye. As a completely hands-on workshop, participants will be taken through the steps of implementing ELK and Hadoop, as well as installing the Apache Metron project, which is built on the same principles. Logs from real-world scenarios will be shared and analytics run on them to see the real value that a Big Data setup can deliver.

Table of Contents

Day 1
Day 2
Session 5:
  • Hadoop fundamentals
Session 6:
  • Hadoop installation and small demo
Session 7:
  • ELK Concepts
    • Index
    • Documents
    • Shards
    • Filters
    • Query
    • Aggregations
  • ELK Hands-on
    • Full Installation steps on Linux
    • Creating basic logstash file
    • Grok Patterns
      • Apache log
      • Firewall
    • Geo-IP
Session 8:
  • ELK Hands-on (contd.)
    • Windows Logon Events Monitoring
      • Top logon fails
      • Single user logon to multiple systems
Day 3

Bhushan Jeevan Rane, Assistant Manager – SHCIL

Faculty has good trainers. Yes, the course met its objective.

Mukesh Lokre, Information Security Analyst – Travelex

Faculty has delivered the content clearly. He has a good subject knowledge.

Chinmay Dhawale, Information Security Analyst – Travelex

Very impressive, knowledgeable, technically sound & skilled trainers.

Shital Ranadive, Info Security Analyst – IDBI Intech Ltd

Faculty is good & has explained the topics very well.