DC908 Talk - Peeling Back the Layers of Security Operations: Security Onion
Details
Talk Synopsis:
The AI hype crowd says "just pipe everything to ChatGPT." The DIY crowd says "build a custom pipeline with Ollama." Both miss the point.
Security Onion is now a security LLM platform that has AI built directly into the console. Not bolted on. Not a wrapper around an API. Built in.
Today I'm going to deploy Security Onion in Azure, throw real attack traffic at it, and show you what Onion AI actually does with that data — the good, the bad, and the hallucinated.
Speaker:
Rish is currently a Cybersecurity Analyst at Darktrace, specializing in SOC operations, threat investigation, and open-source threat intelligence across 100+ client environments, with additional experience at Brother International, with SIEM/EDR platforms, and on projects in phishing simulation and AI-driven security tools.
He has a BA in IT & Informatics from Rutgers University, along with CompTIA Security+, Microsoft Azure, and Darktrace Cyber Analyst certifications.
This event will be in the Main Meeting Room on the first floor.
Schedule:
7:00 - 7:15 - Intro, attendee introductions, resource share
7:15 - 8:00 - Talk
8:00 - 8:15 - Social time
8:30 - 10:00 - Stage House Tavern
Disclaimer:
You may be included in event photos, which will be uploaded to our website and socials.
