How T-Mobile Tamed Metron

Wednesday, May 22
11:50 AM - 12:30 PM
Marquis Salon 10

Is your organization drowning in siloed cybersecurity data? Are you eager to put Big Data to work on your cybersecurity haystack? Are you planning an Apache Metron deployment? Early in 2018, T-Mobile began their journey to cybersecurity at scale. Come learn how one of the largest wireless carriers in the US successfully operationalized Apache Metron, a horizontally scalable cybersecurity analytics platform that ingests, enriches and triages events in real time. Hear why T-Mobile chose Metron and how they planned and executed their deployment. Learn how the team leveraged built-in Metron components and tapped into existing event pipelines to get ingestion up and running quickly. Dive into the details on tuning ingest on a real event feed. Finally get tips and best practices for staying on top of security event monitoring in today’s challenging threat landscape. We discuss migrating log sources to Metron, monitoring and troubleshooting ingest, adapting security configurations to find new attacks, as well as capacity planning.

Presentation Video

講演者

Carolyn Duby
Solutions Engineer
Hortonworks, Inc.
Carolyn Duby is a Solutions Engineer and Cyber Security SME at Hortonworks, where she helps customers harness the power of their data with Apache open source platforms. Previously, she was the architect for cybersecurity event correlation at SecureWorks. A subject-matter expert in cybersecurity and data science, Carolyn is an active leader in the community and frequent speaker at Future of Data meetups in Boston, MA, and Providence, RI, and at conferences such as Strata Data Conference, Dataworks Summit, Open Data Science Conference and Global Data Science Conference. Carolyn holds an ScB (magna cum laude) and ScM from Brown University, both in computer science. She is lifelong learner and recently completed the Johns Hopkins University Coursera Data Science Specialization.
John Charlton
Cyber Security Manager
T-mobile
John has a wide range of experience, he led the team that built the first release of an integrated customer service agent experience (UI), architected a solution to map SOA dependancies by watching network traffic and helped design an analytics platform as an architect in the Enterprise Data Warehouse for a large travel group. He designed and led the team that developed next generation SEO tooling at scale for the largest office supplier in the country and is now working to help T-mobile rethink the way they secure their network by automating response to attacks and enable cyber incident responders to do their job with as little friction as possible.