Security Big Data & A.I. Analytic (SBDA) Training

Course Outline

• Day 1: The Principal of SBDA – Log Analysis
  • SBDA. How does it help in analysing the log data?
  • The Sources. Which sources to start with and how deep to go?
  • Log Collection. What actually should we look for?
  • Quick Analysis. Big Data or "Small" Data?
  • Below the 0 's and 1 's: Network and Computer Forensics
  • Regular tools to use in Forensics
  • Evidence - The sound of the truth
  • Ways to protect your pieces of evidence
• Day 2: One Step Forward – Malware Analysis
  • How does malware analysis help in SBDA? Static & dynamic analysis
  • Tools for Static Analysis: Yara Rules, HexEditor, Pyew, AnalyzePE, PEscanner, PEframe, PEcheck
  • Framework for dynamic analysis: Cuckoo framework
  • Ready? Let's start to trace the malware now!
  • Threat Analysis. What actually happened behind the malicious codes?
  • The Smarter Techniques: Automated Log Analysis with Statistical and A.I. Solutions
  • Two More Advanced Techniques: Machine Learning Artificial Intelligence
• Day 3: Dig, dig, dig… The Searching Techniques
  • Managing SQL & NoSQL databases - Similarities Differences
  • Use Elasticsearch to search for security data  
  • Visualise your search with Kibana Dashboard
  • Get your hands dirty - Analyse the malware with relevant tools, pragmatically triage an incident define level of severity and uncover hidden IoCs
• Day 4: Minority Report: Time-based Correlations
  • The Databases
  • The Analytics
  • How do these link?
  • The Ultimate Goal - Predict the outcomes
• Day 5: See the Unseen – Correlation Techniques
  • Get familiar with mathematical and statistical analysis to correlate with
  • Use simple but effective correlation matrices
  • Go back to your logs again and learn something you have not thought about before
  • Realize hidden correlations among past and present events and find the source of the security incident

For more information, please visit here