Big Data for Security Analytics
Introduction
Almost all of the major breaches in the past have shown that the SOC/SIEM did not do its job and failed to alert the client to the breach. What are SOCs/SIEMs missing, and why? And how do we fix this problem? The search for the proverbial needle in the haystack has become a daunting task, as the haystack is now phenomenally big. How can Big Data help determine security intelligence?
This training workshop explores how to address this problem using big data analytics, leveraging Hadoop, ElasticSearch, Logstash, Kibana and Beats, along with a layer of machine learning on top of this data, to determine active compromises in your network and possible fraud leads, and to visualize all this information for better perception by the human eye. As this is a completely hands-on workshop, participants will be taken through the steps of implementing ELK and Hadoop as well as installing the Apache Metron project, which is built on the same principles. Logs from real-world scenarios will be shared and analytics run on them to show the real value that a Big Data setup can deliver.
Table of Contents
Day 1
Day 2
Session 5:
- Hadoop fundamentals
Session 6:
- Hadoop installation and small demo
Session 7:
- ELK Concepts
  - Index
  - Documents
  - Shards
  - Filters
  - Query
  - Aggregations
- ELK Hands-on
  - Full Installation steps on Linux
  - Creating basic logstash file
  - Grok Patterns
  - Apache log
  - Firewall
  - Geo-IP
Session 8:
- ELK Hands-on (contd.)
  - Windows Logon Events Monitoring
    - Top logon fails
    - Single user logon to multiple systems
Bhushan Jeevan Rane, Assistant Manager – SHCIL
Faculty has good trainers. Yes, the course met its objective.
Mukesh Lokre, Information Security Analyst – Travelex
Faculty has delivered the content clearly. He has a good subject knowledge.
Chinmay Dhawale, Information Security Analyst – Travelex
Very impressive, knowledgeable, technically sound & skilled trainers.
Shital Ranadive, Info Security Analyst – IDBI Intech Ltd
Faculty is good & has explained the topics very well.