HANDS-ON THREAT HUNTING UTILIZING THE ELASTIC ELK STACK

This is a past event

60 people went

Details

This hands-on meetup will walk attendees through leveraging the open-source ELK (Elastic Stack) to analyze logs to proactively identify malicious activity. The basic tools and techniques taught during this meetup will lay a foundation that can be used to investigate isolated security incidents or implemented at scale for continuous monitoring and hunting. Attendees will be provided with access to a preconfigured ELK (Elastic Stack) cluster and extensive sample logs containing diverse malicious events waiting to be discovered on a simulated enterprise network. Attacker artifacts will be mapped to the MITRE ATT&CK Framework and tagged accordingly in the provided logs to help demonstrate the value of log enrichment and a methodological approach to adversary and anomaly detection.

Ben's bio:
Ben brings a diverse background in cybersecurity, IT, law, and law enforcement to Polito. After earning his JD from William & Mary School of Law in 2010 and providing IT and e-discovery support to law firms, Ben joined Booz Allen Hamilton as a cybersecurity consultant in 2012. While a member of Advanced Persistent Threat (APT) hunt teams assigned to commercial and federal clients, Ben sharpened his network security monitoring, forensics, incident response, malware analysis, cyber threat intelligence, and security architecture skills. He has earned the CISSP, GIAC Certified Forensic Analyst (GCFA), GIAC Web Application Penetration Tester (GWAPT), and Splunk Certified Power User certifications. Ben is a member of the Maryland bar and volunteers at a pro bono legal clinic.

----------------------------------------------------------------------------------------------------
We are excited to announce that there will be a Buena' Dillas food truck at our Meetup where you can buy some dinner! View the website to pick out what you will order: www.buenadillas.com
"Never fear a'Dilla, it's all Buena"
----------------------------------------------------------------------------------------------------

Be sure to RSVP because seats are limited!

Those who are unable to attend can join via Webex. Only those who attend in person will receive a Certificate of Continuing Education and gift certificates.

**We have recruiters attending the event, please bring your latest résumé**

----------------------------------------------------------------------------------------------------

Webex Information
When it's time, join the meeting from here:
https://meetings.webex.com/collabs/meetings/join?uuid=MCU3F3KVXU98MRQEG6OHZOTO6I-JMV3

Audio Connection
[masked] US TOLL
Access code: [masked]