Building a future-proof cyber security platform with Apache Metron

Wednesday, April 18
4:00 PM - 4:40 PM
Room II

QSight IT gives you insight into how we use Metron to secure our customers by continuously analyzing and monitoring users, applications, data, and networks. We show you how we implemented Metron as a replacement for our former security platform, which was based on rule-based security. Since we are dealing with a non-conventional use case, “serving many customers with one platform,” we developed a business classification module that enables us to score threats according to the customer’s input.

To be future-ready, we are working on extending this rule-based way of detection with machine learning models like web defacement, suspicious URLs, UEBA, and many more to come.

To provide all the necessary information to the SOC analysts at a glance, we are developing a custom SOC application from which they can handle security alarms, analyze captured data, and have historical data at hand. We regard our new Metron-based security platform as an emerging giant—a future-proof cyber security platform!

SPEAKERS

Bas van de Lustgraaf
Big Data Engineer
QSight IT
Bas van de Lustgraaf has worked since 2015 as a Big Data Engineer in the R&D department of QSight IT and its legal predecessors. His interest in data was first raised during his Master of Information Systems Development studies. This resulted in a job as Business Information Developer at Onsight Solutions, where he developed the company’s first Data Warehouse. After two years he decided to jump into the world of Big Data. Since then he has been involved in installing and maintaining the company’s Big Data cluster, developing Big Data applications, and has been a big part of designing and building the new security platform based on Apache Metron.

Machiel van Tilborg
BI Engineer
QSight IT
I have been working in the software industry since 1997. Starting out as a SAP functional consultant, later on working with the Business Intelligence Solutions from SAP as a consultant at several large international companies. Working with huge amounts of data, later also with Big Data. I focus on the user perspective to find meaningful information in the massive amount of data to give end-users on all levels insight into their processes. I design dashboards and reports in order to provide KPIs to support the PDCA circle. I work with several tools, either commercial or open source.