Apache Metron Overview and Demo @ Hadoop Summit San Jose

Hosted By
Future of D. and 2 others
Details

Apache Metron is a next generation cybersecurity analytics application built on top of big data technologies like Kafka, Storm, HBase, SOLR/Elastic and Hadoop. Check out the re-designed Apache Metron Home Page (https://metron.incubator.apache.org/) for more details.

Join your cyber security expert organizers, George Vetticaden, Principal & Senior Product Manager of Apache Metron (Hortonworker), and James Sirota, Cisco OpenSOC founding team leader and Data Scientist (Hortonworker). Both are committers on the Apache Metron Project.

This session is intended for all: CISOs, Security Operation Center (SOC) professionals, and software developers who are interested in contributing to the Apache Metron Community and the areas that interest them. The focus of this meeting is bringing peers together to accelerate innovation and shorten the time to detect and respond to an Advanced Persistent Threat.

The meetup will be split into two sessions. There will be an overview of Apache Metron followed by a Demo Lab. The first session will cover challenges with traditional cyber applications, an introduction to Apache Metron, and new features and enhancements in the last releases of Apache Metron (0.1 and 0.2).

During the second session and Demo Lab, the meetup leaders will walk through adding a new telemetry data source to Apache Metron, enriching the data in real time with geo and domain information, applying threat intel feeds in real time, and applying a severity score to an alert that is generated and visualized in the Metron UI.

Session 1 - Apache Metron Intro

Intro to Metron

Metron Logical Architecture

Metron Current Capabilities

Metron Use Case Example: Tracing a Telemetry Event Through Metron

Session 2 - Demo Lab

Add a new security telemetry data source to Metron

Use Apache NiFi to ingest events from the new data source into Metron

Add a new Storm topology to Metron to parse events for the new data source

Add net new enrichments for the new data source

Add net new threat intel data

Use the new Metron “Stellar” framework to apply DSL grammar to create a score for the alert.

Walk through the Metron UI and show new events and alerts from the new data source

Future of Data: San Francisco