Threat Hunting with Elastic Stack


Date: April 26, 2019 8:30am - 4:30pm | Location: DreamPort Facility in Columbia MD
Registration is now full. Thank you!


Join us for some hands-on workshops with Elastic experts. You'll practice using the Elastic Stack to create stunning visualizations, hunt for security threats, and use machine learning features to identify anomalies in your security data. From learning how to write simple queries and create impactful Kibana visualizations to participating in a guided hunt to master threat hunting best practices, you'll leave with new insights into how you can leverage Elastic tools to hone your security practices.

This event is a BYOD event. It will be held on April 26, 2019 from 8:30am - 4:30pm at the DreamPort facility in Columbia, MD. Food and drink are provided. There is no charge for this event.

8:30am – Threat Hunting with the Elastic Stack

This hands-on portion will focus on security analytics with the Elastic Stack and cyber hunt operations when utilizing the Task Force Plenum component of the CVA-H platform. The event starts with a brief overview of how to visualize network data and hunt for malicious activities and aggressors that evade detection by traditional signature-based tools such as anti-virus and intrusion detection systems. Next, the workshop moves on to cyberspace hunt scenarios that are both individual and team based. The hunt exercises apply a Perched learning model termed Guided Hunt, a methodology that challenges students through the use of staged cyber artifacts, or breadcrumbs, ensuring that no one is left behind. This ensures maximum engagement with students of all skill levels.

1:00pm – Machine Learning with the Elastic Stack

Network security analysts have the daunting daily task of identifying potential threats in an endless ocean of network security data. In this workshop, you'll see how Elastic machine learning can help you quickly and efficiently detect those threats, regardless of how much data you need to analyze. Elastic machine learning features can automatically model the behavior of your network security data (trends, periodicity, and more) in real time to identify issues faster, streamline root cause analysis, and reduce false positives. After completing this workshop, you'll be able to use the powerful features of Elastic machine learning to identify anomalies in your security data.

4:30pm – Adjourn