Playing with Elasticsearch data pipelines

This is a past event

66 people went


Details

This Elastic All Star Double Header MeetUp will be led by Edouard Buschini and Antony Farrow from Empow Cyber Security. Their respective topics are below. Come check it out at the WeWork South Station on the 8th Floor!

AGENDA

🗨️Presentation 1: Edouard Buschini, CISO of PreVeil: Playing with Elasticsearch data pipelines

In this talk we'll go over some fun demos and use cases showing how we can improve our data pipeline and workflow with two simple tools: JQ and Cryptocli. We'll learn how to push aggregations to the next level with those two tools, as well as real-time streaming.
The goal of the presentation is mainly to share some ideas, inspire people and hopefully get some constructive feedback!

Edouard has worked for the last eight years as a sysadmin and now does DevOps and serves as CISO at PreVeil, a cybersecurity startup in downtown Boston. He started using the Elastic products in 2013 and developed multiple apps and tools, from monitoring, to Beats modules, to an internal real-time web analytics platform at a top e-commerce website in France. He is now implementing a central monitoring platform that has real-time alerting and remediation capabilities as part of maintaining and evolving the current infrastructure.

PreVeil makes encryption easy, providing end-to-end encrypted solutions like email and file sharing for individuals as well as for organizations. https://www.preveil.com

🗨️Presentation 2: Antony Farrow, Senior Director Solutions Architecture, empow: The Cyber Data Pyramid: Getting to the Top of the Pyramid through Automation

In this session we will review the process of digesting large amounts of cyber data, and the needs and challenges of classifying unstructured and dynamic data. We will also introduce automation methods that identify and prioritize real threats over “noise”. We will look at the manual processes that analysts need to go through today in order to reach the top of the data pyramid and present how empow’s i-SIEM automates a large portion of this work.

The session will include a demo showing how i-SIEM actually works, using real data sets and empow’s abstract playbook models. We will include an introduction of empow’s new open-source contribution to the Elastic community.

🎓 Learn more about Elastic
• Elastic Community: https://www.elastic.co/community
• Monthly Community Newsletter: https://www.elastic.co/community/newsletter
• Discussion Forums: https://discuss.elastic.co/
• In-person, paid Elasticsearch I & II training is coming to Boston Oct 1-2: https://training.elastic.co/?courseId=0&city=BOSTON
• Elastic{ON} is coming back to Boston on Oct. 3; sign up to be notified when registration goes live: https://www.elastic.co/elasticon/tour/boston

❤️ Code of Conduct
This Meetup community adheres to the Elastic Community Code of Conduct. Attendance at events run as part of this Meetup group means you agree to be an awesome human and engage by these rules.

https://www.elastic.co/community/codeofconduct