Security and Time: weird windows in streaming behavior analytics

Security and Time: weird windows in streaming behavior analytics

Thursday, April 19
11:00 AM - 11:40 AM
Room V

Apache Metron features a revolutionary streaming profiler that lets you ask questions in real time about long term behaviour trends; questions like “how many servers should this admin have logged into on a weekday morning that's not a public holiday?” or “has this user, or anyone in their department, ever done anything like this before?”. Doing this with lightweight statistical sketching techniques means you can get high quality results without the need for huge hardware investment and get them much faster. It means you can deploy the expensive analytics in the right place, and progressively build up context around what is going on in your environment. In this technically focussed talk we will share some of the algorithms, use cases, and demonstrations of the low compute cost and resulting effectiveness of real-time algorithms in the Apache Metron profiler. We will also illustrate some new analytic models to protect your users from attackers, and from themselves.

Presentation Video


Simon Elliston Ball
Product Manager
Simon is a data scientist, has experience in product management, and has worked for numerous data technology companies, from vendors like Hortonworks to various data users in retail, hedge funds and the web. His focus is on big data, machine learning, and using these technologies to foster results.