This will show how, on a large container deployment, the speaker achieved insight into security events like file events on sensitive files, system call auditing, user level activity trail, network activity, etc., by customizing and plumbing a stack of open source tools that use the underlying Linux’s inotify and kernel audit components and by aggregating these events centrally in Elasticsearch.

Speaker:  Ravi Honnavalli

Ravi Honnavalli is an information security professional with over 15 years of architecting, designing, developing and technically leading teams in the fields of security product development and network security. Honnavalli has a master’s degree from National University of Singapore, majoring in cryptography and has filed three patents with USPTO, all related to product ideas in the field of information security. Honnavalli is an active open source contributer.

Detailed Presentation:

(Source: RSA Conference USA 2018)

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)