Cyber Security with Apache Metron (Incubating) – Simon Ball
Apache Metron (Incubating) project is an open source project dedicated to providing an extensible and scalable advanced security analytics functionality on top of the Apache Hadoop family of projects. Metron is able to stream, search, and replay raw network packet data and correlate this data to other types of network and endpoint telemetry. Metron can support netflow and and deep packet inspection out of the box and provides extensible frameworks for adding additional telemetry sources. Metron also provides frameworks for real-time streaming enrichment, integration with threat intelligence feeds, threat triage, and capability to integrate and score machine learning models via the streaming pipeline. Metron is an Apache incubating project, built with all open source tools, and is actively looking to expand it’s community. Come see the demo, get excited, and contribute!