Cyber Threat Hunting, Extract & Visualise Web-app Data, Elastic Common Schema

F5 Networks Singapore Pte Ltd

5 Temasek Blvd · Singapore

How to find us

Suntec City Tower Five 5 Temasek Boulevard #08-01/02 Singapore 038985 Singapore

Details

⭐ Big thanks to f5 Networks for sponsoring the venue for our September meetup!

🎤Talk 1: Cyber Threat Hunting and User Entity Behavior Analysis (UEBA) with the Elastic Stack by Chun Yong Seow, Cyber Data Analyst, MINDEF

With the ever-increasing amount of security data being collected, it becomes impossible for security professionals to combat rapidly changing cyber threats that are able to evade traditional antivirus and firewall products. In order to deal with this, Artificial Intelligence (AI) and Machine Learning (ML) solutions have become a key field for the cyber security industry to develop. While most AI and ML problems taught in school have well-defined scopes, structured data, and problems that may be solved by a single machine, security data tends to be vastly diverse, unstructured, and easily in terabytes per day.

In this talk, I will discuss the nature of Threat Hunting and the challenges faced when looking for unknown unknowns within security data. The talk will also explain how integrating Elasticsearch with some custom Python APIs can help bridge the gap in how Data Scientists can better leverage distributed data storage solutions to greatly facilitate exploratory data analysis. The talk will conclude with a demo on User Entity Behavior Analysis (UEBA), which attempts to explain certain macroscopic behaviors of users as observed in security data.

🎤Talk 2: Extracting and Visualising Web App Data on Per-request Level to Elastic Stack by Daniel Lee, Security Solutions Specialist, f5 Networks

🎤Talk 3: Introducing Elastic Common Schema by Elastic

More info and abstract to come!

📝Agenda
6.30pm - Registration, doors and bar open
6.50pm - Take your seats armed with a beverage
7.00pm - Talk 1: Cyber Threat Hunting and User Entity Behavior Analysis (UEBA) with the Elastic Stack by Chun Yong Seow, Cyber Data Analyst, MINDEF
7.30pm - Talk 2: Extracting and Visualising Web App Data on Per-Request level to Elastic Stack by Daniel Lee, Security Solutions Specialist, f5 Networks
7.45pm - Talk 3: Introducing Elastic Common Schema by Elastic
8.15pm - Q&A, Mingling

📍Venue instructions
Suntec Tower 5
Register at the concierge with an ID. Let them know you are attending an event at f5. Head up to level 8.

Bring any questions/queries about the Elastic stack and your own experiences along to discuss on the night.

We look forward to meeting all our awesome users again - hope to see you there!