Elastic SIEM, Cyber Threat Hunting, Agentless App Tracing

F5 Networks Singapore Pte Ltd - 5 Temasek Blvd Singapore Singapore
Wed, Sep 4, 2019, 6:30 PM (GMT+8)

1 RSVP'ed

About this event

⭐ Big thanks to f5 Networks for sponsoring the venue for our September meetup!

�Venue instructions
Suntec Tower 5
Register at the concierge with an ID. Let them know you are attending an event at f5. Head up to level 8.

�Talk 1: Cyber Threat Hunting and User Entity Behavior Analysis (UEBA) with Elastic Stack by Chun Yong Seow, Cyber Data Analyst, MINDEF

With the ever-increasing amount of security data being collected, it becomes impossible for security professionals to be able to combat against rapidly-changing cyber threats that are able to evade traditional antivirus and firewall products. In order to deal with this, Artificial Intelligence (AI) and Machine Learning (ML) solutions have become a key field for the cyber security industry to develop. While most AI and ML problems taught in school have well defined scopes, structured data, and problems that may be solved by a single machine, security data tend to be vastly diverse, unstructured, and easily in Terabytes per day.

In this talk, I will discuss the nature of Threat Hunting and the challenges faced with looking for unknown unknowns within security data. The talk will also explain how integrating Elasticsearch with some custom Python APIs can help bridge the gap in how Data Scientists can better leverage on distributed data storage solutions to greatly facilitate exploratory data analysis. The talk will conclude with a demo on User Entity Behavior Analysis (UEBA), which attempts to explain certain macroscopic behaviors of users as observed in security data.

�Talk 2: Using F5+Nginx to do Agentless App tracing with Elastic Stack, Lin Shudong, Solution Engineer F5 Networks

�Talk 3: SIEM on Elastic Stack by Haran Kumar, Cyber Security SA, Elastic

Our Cyber Security Solutions Architect, Haran Kumar, is in town and will be speaking about the exciting new release of Elastic Stack 7.2 [1]. He focus in on the debut of Elastic SIEM. The initial launch of Elastic SIEM [2] introduces a new set of data integrations for security use cases, and a new dedicated app in Kibana that lets security practitioners investigate and triage common host and network security workflows in a more streamlined way.

[1]: https://www.elastic.co/blog/elastic-stack-7-2-0-released
[2]: https://www.elastic.co/blog/introducing-elastic-siem

�Agenda
6:30m - Registration, doors and bar open
6.50pm - Take your seats armed with a beverage
7.00pm - Talk 1: Cyber Threat Hunting and User Entity Behavior Analysis (UEBA) with Elastic Stack by Chun Yong Seow, Cyber Data Analyst, MINDEF
7.30pm - Talk 2: Using F5+Nginx to do Agentless App tracing with Elastic Stack by Lin Shudong, Solution Engineer F5 Networks
7.45pm - Talk 3: SIEM on Elastic Stack by Haran Kumar, Cyber Security SA, Elastic
8.15pm - Q&A, Mingling

Bring any questions/queries about the Elastic stack and your own experiences along to discuss on the night.

We look forward to meeting all our awesome users again - hope to see you there!

When

Wednesday, Sep 4
6:30 PM - 8:30 PM (+08)

Where

F5 Networks Singapore Pte Ltd
5 Temasek Blvd Singapore

Organizers

  • Min Han Lee

    Min Han Lee

    Local Community Organiser

    View Profile
  • Amit Jayee

    Amit Jayee

    Local Community Organiser