Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/117789
Title: Security analytics with Elastic
Author: Vázquez Pesado, David
Director: Garcia-Font, Victor  
Tutor: Canto Rodrigo, Pau del
Abstract: This project was created to address the growing need in companies for control and security monitoring systems that improve the security of assets and infrastructure in business environments. The project is based entirely on the Elastic Suite, a set of tools that allow a simple analysis of the information sources already present in business environments, such as DNS, Netflow, System Events, Audit, etc., from which security information is extracted. The objective is to use the tools provided by Elastic for the analysis of business data, to later integrate them with Elastic SIEM and, by means of Machine Learning techniques, achieve improved prevention and detection of security threats. This makes it possible to visualize in real time the state of the assets and the infrastructure, and so to keep total control of what is happening at every moment. Where necessary, it also makes it possible to take prompt action to prevent or mitigate a security threat. The final product is a comprehensive security system, which not only allows possible security threats to be controlled, but also provides useful information through continuous monitoring of assets, so that the current status of the infrastructure is known in real time.
Keywords: Elastic; SIEM; monitoring; machine learning
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 2-Jun-2020
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections: Final degree projects, research projects, etc.

Files in This Item:
File: davidvazquezpTFM0620memoria.pdf
Description: Master's thesis report
Size: 7,76 MB
Format: Adobe PDF