Almost all of the major breaches in the past have shown that the SOC/SIEM did not do their job well and alert the client to the breach. What are SOC/SIEMs missing and why? And how do fix this problem? The search for the proverbial needle in the haystack has become a daunting task as the haystack is now phenomenally big. How can Big Data help determine security intelligence?
This training workshop will explore addressing this problem using big data analytics and leveraging Hadoop, ElasticSearch, Logstash, Kibana, Beats along with a layer of Machine Learning on top of this data to determine active compromises in your network, possible frauds leads and visualize all this information for better perception by the human eye. As a completely hands-on workshop participants will be taken through the steps of implementing ELK and Hadoop as well as installing the Apache Metron project that is built on the same principles. Logs from real-world scenarios will be shared and analytics run on these to see the real value that a Big Data setup can deliver.