Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Web security analysis toolbox

Ido Safruti (PerimeterX), Amir Shaked (PerimeterX)
1:30pm–5:00pm Monday, October 30, 2017
Security analytics
Location: Sutton South
Average rating: 3.00 (2 ratings)

Who is this presentation for?

  • Those working in security and DevOps

Prerequisite knowledge

  • Basic knowledge of SQL, Python, and HTTP

Materials or downloads needed in advance

  • A laptop (The required packages, instructions, and sample data will be shared on a GitHub repository prior to the course.)
  • A Google account

What you'll learn

  • Learn how to use the ELK stack and BigQuery to analyze large amounts of data and get insights and alerts on potential threats, attacks and anomalies

Description

Using real-world data and examples, Ido Safruti and Amir Shaked offer an overview of the data analysis tools that every web security analyst should be familiar with in their daily work, including ELK, BigQuery, and Python as well as other helpful online services. These tools will help you analyze incidents on your web application and network and alert you when an attack starts.

Topics include:

  • How ELK (Elasticsearch, Logstash, Kibana) can be used for online analysis, metrics monitoring, and creating smart and useful dashboards
  • How to add alerts that highlight where to look in all the noise
  • How to use BigQuery for deeper insights, identifying trends, and doing statistical analysis of your data
  • Other online services for data enrichment that will broaden your investigation and help you find the missing link in your data

Ido Safruti

PerimeterX

Ido Safruti is the cofounder and CTO at PerimeterX, which is building a behavior-based web security service. Previously, Ido headed a product group in Akamai focusing on web performance and scalability. Ido joined Akamai through the acquisition of Cotendo, where he led product and strategy. His earlier roles include GM in charge of product engineering and operation, R&D manager, chief scientist, and head of engineering at various companies and the Israeli intelligence, where he focused on high-capacity, large-scale web and network services and cybersecurity systems.

Amir Shaked

PerimeterX

Amir Shaked is vice president of research at PerimeterX, where he fends off automated attacks from websites. A software engineer and security researcher, Amir specializes in web and data technologies, the IoT, and telecom and also coaches team leaders and project managers. He has been writing code from the age of 14 and has worked at a number of startups and enterprises in the years since.