Loading…
June 26-27, 2024 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
← Back to schedule
A Needle in a Haystack: How to Find a Threat Hidden in Over 6 Billion Logs Per Day - Brian Davis, Red Canary
Thursday June 27, 2024 1:55pm - 2:30pm PDT
443
All cloud platforms offer audit logs of their cloud control planes (e.g., AWS CloudTrail, Google Cloud Platform Audit Logs, Azure Activity Logs) but these generate such a high volume of logs that wading through them to find indications of a threat is a huge challenge. In this talk, I’ll explain how you can take this massive stream of data and break it down into manageable chunks using basic cloud building blocks like S3 buckets and SQS queues, or more sophisticated tools like OpenSearch and Kubernetes, to create your own detection platform and build custom analytics to search for whatever needle you want to find in the haystack. This will reduce the flood of data down into a trickle of actionable alerts, in the same way that Red Canary sifts through more than 6 billion cloud log records a day.
Speakers
avatar for Brian Davis

Brian Davis

Principal Software Engineer, Red Canary
Principal Software Engineer and Architect at Red Canary, Brian Davis has been building complex systems for over two decades, ranging from signal-processing algorithms to complex data-processing applications, deploying these on Solaris servers, on-prem virtual machines, and the cloud... Read More →
A needle in a haystack How to find a threat hidden in over 6 billion logs per day Brian Davis, Red Canary pdf
Thursday June 27, 2024 1:55pm - 2:30pm PDT
443
  Observability + Detections + Response
  • Presentation Slides Attached Yes
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link