
Unified Protection with The Elastic Stack

BSides Athens 2020 · Duration 32:36 · 208 views · Published 2020-06

Category: Technical
Style: Talk
About this talk
Abstract: How does your organization detect and respond to cyber threats? Learn how the latest security capabilities in the Elastic Stack enable interactive exploration, incident management and automated analysis, as well as unsupervised machine learning to reduce false positives and spot anomalies — all at the speed and scale your security practitioners need to defend your organisation. It doesn't stop there: this session will also cover how security teams use Canvas, Maps, and other Kibana elements to triage events and perform initial investigations.

Bio: James has been building custom SIEM platforms for security operations centers (SOCs) for the past 9 years for a variety of sectors using several different technologies. Having tried and implemented solutions from different vendors, James ended up favouring the Elastic Stack for its versatility, speed, scalability and integrated machine learning (to name a few). From ingesting, manipulating, correlating and enriching logs from a plethora of different network device vendors to creating a custom Slack bot that sends alerts to SOC analysts, James has been able to do it all thanks to the Elastic Stack.

Security BSides Athens 2020
CyberSecurity | InfoSec | Ethical Hacking | Computer Security | Evolving Threats | Threat Landscape | Privacy | Cyber Resilience

Security BSides is a community-driven framework for building events by and for information security community members. These events are already happening in major cities all over the world! We are responsible for organizing an independent Security BSides-Approved event for Athens, Greece.

More: https://www.bsidesath.gr
Follow on Twitter: @BSidesAth