Apache Metron: Open source cybersecurity at scale
Who is this presentation for?
- Data engineers, platform engineers, security analysts, and data scientists
Cybersecurity is a big data challenge. Applications and security devices create terabytes of logs per day in hundreds of different formats, but security analysts can only investigate a portion of the events, and they need to decide which ones they should investigate and which events are related. Enter Apache Metron, a real-time security analytics platform that ingests, normalizes, enriches, triages, and stores application and security events in a data lake.
Bring your laptop, roll up your sleeves, and get ready to crunch some events with Metron. Run through the step-by-step examples with Carolyn Duby on your own cloud Metron installation. When you get back to the office, you will be ready to use Metron.
- Apache Metron overview
- Getting started
- Ingesting, normalizing, and enriching events
- Triaging events to find the needle in the haystack
- Machine learning: Building and applying models
- User and entity behavior analytics: Profiling and anomaly detection
- Exploring event history: Dashboards, threat hunting, and investigation
- General knowledge of big data or cybersecurity (useful but not required)
Materials or downloads needed in advance
- A WiFi-enabled laptop with access to AWS instances
- Download materials from the course GitHub repository: https://github.com/carolynduby/ApacheMetronWorkshop
What you'll learn
- Learn to use the most important features of the Apache Metron platform to triage cybersecurity data
Carolyn Duby is a solutions engineer at Cloudera, where she helps customers harness the power of their data with Apache open source platforms. Previously, she was the architect for cybersecurity event correlation at Secureworks. A subject-matter expert in cybersecurity and data science, Carolyn is an active leader in the community and a frequent speaker at Future of Data meetups in Boston, MA, and Providence, RI, and at conferences such as Open Data Science Conference and Global Data Science Conference. Carolyn holds an ScB (magna cum laude) and ScM from Brown University, both in computer science. She’s a lifelong learner and recently completed the Johns Hopkins University Coursera data science specialization.
Michael Gregory leads the field team for machine learning at Cloudera, helping organizations derive business value from machine learning. Michael has more than 20 years of experience building, selling, implementing, and supporting large-scale data management solutions at Sun Microsystems, Oracle, Teradata, and Hortonworks and has seen and evangelized the power of data to transform organizations and industries from automotive to telco and public sector to manufacturing.
Sangeeta Thirumalai is a software developer at Cloudera, specializing in database technologies. She is currently responsible for architecting workload-level optimization tools for SQL-on-Hadoop workloads.