Workshop 8 - Cyber Security Log Analytics using Open Source Tools
Speakers: Dr. Ricci Ieong and Mr. Pike Wong
HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Date: 20 - 21 Sep 2018 (2 days)
09:30 - 17:00
HK$6,600 (Early Bird: HK$6,400)
Member Fee for Organizer/Supporting Organization: HK$6,400 (Early Bird: HK$6,200)
Medium of Instruction
Cantonese with handout in English
Nature & Objectives
Log analysis has become a standard skill for cybersecurity incident response and forensic investigation. This intensive introductory 2-day course introduces the log management tools for cybersecurity available in the open source community. The course will walk through cybersecurity log management from collection and parsing to analysis, and equip attendees with best practices for log query and analysis.
Attendees will gain hands-on experience in implementing the log management platform and go through typical log analysis operations, including:
- Open source log analysis system architecture
- Various log management deployment models
- Installation procedure for the Elasticsearch, Logstash, Kibana (ELK) stack
- Log parsing script preparation
- Data visualization
- Dashboard creation
- Query, correlation and analysis
- Sample case investigation walkthrough
The workshop will be conducted in a cloud lab environment, with practical work on actual setup, loading logs, analyzing logs and writing scripts. Attendees are expected to have a basic network and system administration background.
Who Should Attend
The target audience is individuals who are interested in cybersecurity log analysis, monitoring, incident response and forensics. The audience is expected to have a basic understanding of network traffic logs, system logs and security aspects. System Administrators / Engineers / Analysts, Technical Engineers / Managers, and Information Security Analysts / Managers would also benefit from attending the course.
Dr. Ricci Ieong
eWalker Consulting Limited
Dr Ricci Ieong, CISSP, CISA, CCSK, CCSP, CCFP, CEH, F.ISFS, ISSMP, ISSAP, ISO 27001LA, STAR Auditor
Dr Ieong has over 15 years of industry experience in the Information Technology industry as well as more than 15 years of experience in the IT Security area, specializing in Security Risk Assessment, IT Audit, Ethical Hacking & Penetration Test, Smart Card & Biometrics System deployment and Computer Forensics Investigation. He currently serves as Principal Consultant of eWalker Consulting Ltd.
He has worked for HP and founded the first HP e-Security Center (also known as Penetration Test Center) in Hong Kong. He has led and conducted over 100 security assessments, IT Security Audits, penetration tests and incident handling services for HKSAR government departments, banks and multinational organizations in Hong Kong throughout these years. He is one of the founding instructors in the first diploma and graduate diploma course in computer security and forensics investigation recognized by the HKSAR law enforcement team. In 2002, Dr Ieong was invited by the HKSAR government HK Police Force to the courtroom as the first expert witness in HK Computer Crime Investigation.
Dr Ieong is the founding member and Council member of the Information Security and Forensics Society (ISFS). He recently founded the Cloud Security Alliance Hong Kong and Macau Chapter and participated as Director of Education. He has conducted over 20 technical IT security training sessions and workshops on cloud computing security recently in 2010. In addition, he has been invited to provide cloud security awareness training to general public audiences.
Mr. Pike Wong
Technical Director and Founder
Data Voyager Limited
Pike has 15+ years of diversified experience in IT security, covering consultation, presales, project delivery and software development. He specializes in the implementation of log management and security information management (SIEM), ISO27001 consultation, risk assessment and data encryption.
Pike founded Data Voyager in 2015, which focuses on a Big Data and cybersecurity log management system that centralizes the system logs from various network security devices for deep analysis and security audit purposes. The system combines data correlation technology and cybersecurity best practice to aid efficient incident detection and response.
Pike is also a Certified Information Systems Auditor (CISA) and ISO/IEC 27001 Lead Auditor (ISO27001 LA). He holds a Master of Science degree in Information Engineering from the Chinese University of Hong Kong and a Bachelor of Engineering in Computer Engineering from the Hong Kong University of Science and Technology.