Hyper-scale Detection and Response

Presented at BSidesLV 2023, Aug. 8, 2023, 3 p.m. (20 minutes)

Are you tired of paying exorbitant fees for your current SIEM platform? Are you looking to improve your organization's Threat Monitoring and Detection capabilities without breaking the bank? Look no further! Our session will provide insights on how you can avoid the rising licensing costs of a third party SIEM and build near real-time detections on logs at a hyper-scale of 45TB+ per day! You won't want to miss this opportunity to learn about cutting-edge open source technologies that can transform your security operations. Get ready to say goodbye to expensive SIEM solutions and hello to cost-effective, highly scalable, and efficient security monitoring.

Presenters:

• Kiran Shirali
  Kiran Shirali is a Senior Manager responsible for Security Engineering functions at eBay. He has been in the space of security for over 10 years. He works closely with eBay's security incident response function while supporting it with detection and automation engineering. He also has worked in the space of Application Security and Offensive Security. When he is not behind a desk, he loves to go out on day hikes or read a good fiction book
• Neerja Sonawane
  Neerja Sonawane Manager, Security Engineering Experience : Neerja manages the Security Analytics and Data Engineering Team at eBay. She led the development and delivery of a hyper-scale, open source based SIEM and Data Analytics platform for eBay that allows real-time threat detection and improves the overall posture of Incident Response at eBay. When not coding, she loves to dance.

Links:

• https://www.bsideslv.org/talks#RNQN3E

Similar Presentations:

• Black Hat USA 2021 / Can You Roll Your Own SIEM?
• BSidesDC 2015 / Log All The Things! Proactive Forensics using Log Analysis
• ShmooCon XIV (2018) / This Is Not Your Grandfather's SIEM