Our Guest Speaker: Jeff Bryner (@0x7eff) is a 20+ year infosec veteran/addict. Speaker at 3 DEF CONs, 3 BSides, and 1 RSA (but he didn't mean it), he stands accused of rewriting everything in Python, integrating security tools into 3D worlds with kinectasploit and taunting the Demo Gods in every presentation.
Hackers have all the fun. With slick, integrated, real-time, open suites like Metasploit, Armitage, SET, and Lair they quickly seek out targets, share exploits, gain footholds and usually win.
The time has come for defense to get the same capabilities in an open-source platform dedicated to defense and based on modern technology.
To this end, the operations security group at Mozilla has developed MozDef: The Mozilla Defense Platform to take on the traditional SIEM functionality of event management, alerting and correlation, and to expand the real-time capabilities of the defender into automated defense and shared incident response.
This presentation will cover the MozDef platform, its use of Elasticsearch and its SIEM capabilities with as much live demo as the gods will allow.
The rest of the Agenda:
We also plan on going deep on Kibana 4, the powerful new version of Kibana that takes advantage of the aggregations API in Elasticsearch. It is a rewrite from the ground up: visualizations are now powered by D3.js, and an enhanced workflow lets you Discover, Visualize and Dashboard your data for insights.
Shield is right around the corner and we will be giving an intro to it at the meetup. Learn how to enable access control, document level security, SSL and more!
We will also have a few Elasticsearch Solution Architects in town, so it's a great chance to get your questions answered by people who are in the field every day helping customers succeed with Elasticsearch, Logstash and Kibana (The ELK Stack).
Hope to see you all there!