Sep 23–26, 2019

Apache Metron: Open source cybersecurity at scale

Carolyn Duby (Hortonworks)
1:30pm–5:00pm Tuesday, September 24, 2019
Location: 1E 15/16
Secondary topics: Privacy and Security

Who is this presentation for?

Data engineers, platform engineers, security analysts, and data scientists

Level

Intermediate

Description

Cybersecurity is a big data challenge. Applications and security devices create terabytes of logs per day in hundreds of different formats, but security analysts can only investigate a portion of the events. Which ones should they investigate? Which events are related? Enter Apache Metron, a real-time security analytics platform that ingests, normalizes, enriches, triages, and stores application and security events in a data lake.

Bring your laptop, roll up your sleeves, and get ready to crunch some events with Metron. Run through the step-by-step examples on your own cloud Metron installation. When you get back to the office, you will be ready to use Metron.

Topics include:

Apache Metron overview
Getting started
Ingesting, normalizing, and enriching events
Triaging events to find the “needle in the haystack”
Machine learning: Building and applying models
User and entity behavior analytics: Profiling and anomaly detection
Exploring event history: Dashboards, threat hunting, and investigation

Prerequisite knowledge

Big Data or cyber security knowledge is helpful but not required.

Materials or downloads needed in advance

A laptop. Access to AWS instances via public internet. Download materials from the course GitHub repository (https://github.com/carolynduby/ApacheMetronWorkshop)

What you'll learn

Learn to use the most important features of the Apache Metron platform to triage cybersecurity data

Carolyn Duby

Hortonworks

Carolyn Duby is a Solutions Engineer and lead Cyber Security SME at Cloudera, where she helps customers harness the power of their data with Apache open source. Previously, she was the architect for cybersecurity event correlation at SecureWorks. A subject-matter expert in cybersecurity and data science, Carolyn is an active leader in the community and frequent speaker at Future of Data meetups and at conferences such as Strata Data Conference, Dataworks Summit, Open Data Science Conference and Day of Shecurity. Carolyn holds an ScB (magna cum laude) and ScM from Brown University, both in computer science. She is a lifelong learner and recently completed the Johns Hopkins University Coursera Data Science Specialization.
