The SIEM 2.0 seminar will walk you through Elastic’s ecosystem and how it can be used to achieve visibility of your security information and events. You will learn to leverage open source tools to address your organization’s real-time security analytics needs. During this seminar, you will gain hands-on experience with the Elastic Stack and implement basic SIEM functionality. Using the knowledge acquired in this class, you will be able to make the right choice of security information and event management solution based on your organization’s needs.

Target Audience: System Architects, DevOps, IT managers interested in security analytics or centralized logging solutions.

Main topics:

  • The SIEM concept
  • Overview of sample Elastic-based SIEM implementations
  • Introduction to Elastic’s ecosystem
  • ELK architecture
  • Data Shipment with Beats
  • Data enrichment and parsing with Logstash
  • Introduction to Elasticsearch
  • Indexing events in Elasticsearch
  • Visualizing your events: Kibana
  • Event correlation and real-time alerting
  • Elastic Stack architecture – advanced topics
  • Popular integrations with Elastic

Info

Main Speaker

Ivgeny Shlyacht