FIM and System Call Auditing at Scale in a Large Container Deployment

This will show how, on a large container deployment, the speaker achieved insight into security events like file events on sensitive files, system call auditing, user level activity trail, network activity, etc., by customizing and plumbing a stack of open source tools that use the underlying Linux’s inotify and kernel audit components and by aggregating these events centrally in Elasticsearch.

Speaker:  Ravi Honnavalli

Ravi Honnavalli is an information security professional with over 15 years of architecting, designing, developing and technically leading teams in the fields of security product development and network security. Honnavalli has a master’s degree from National University of Singapore, majoring in cryptography and has filed three patents with USPTO, all related to product ideas in the field of information security. Honnavalli is an active open source contributer.

Detailed Presentation:

(Source: RSA Conference USA 2018)

Views: 91

Comment

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Follow Us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2019   Created by CISO Platform   |   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

Related Posts