Threat Analytics Data Lake – Architecture, Use-cases and Insights

Full Talk (40 Minutes)

Our “big-data story” started with looking for a way to store our data so that it would still be useful should we need it later on. We knew that bringing up new databases, which require instances, storage and memory, would be expensive. Knowing that the volume of data is big and that the requirements (of different consumers) are mostly unknown, we decided to go with a data lake.

Our data lake consists of:
- Hundreds of thousands of objects, stored in a distributed object store
- Hundreds of millions of daily records of different structures and formats
- TBs of compressed data added constantly
- Data stored in multiple cloud regions

We will explain:
- Data lake architecture, compared with other databases and big-data solutions
- Data flow examples – how data is transformed according to our use cases
- Multi-region data lake – how to analyze data stored in multiple cloud regions

We will give Threat Analytics examples:
- Advanced SQL for data analytics
- Use case examples for finding attackers within a s***load of data
- Analysis use cases: zero-day attack detection and attack clustering
