Security Operations Analyst Interns

Ryan Gillen, Michael Pinelli, Parker Soares, Henry Howell

Supervisor: Damir Hajrovic

Goals of Security Operations Analyst Interns (SecOps)

  • Build skills within these stacks to hunt for threats, create automated alerts, and visualize trends
  • Gain valuable experience building a data monitoring stack with ELK from the ground up

What is ELK?

ELK (or Elastic Stack) is a collection of open source software that allows us to aggregate, process, and visualize data across all systems in a digital environment.

  • Elasticsearch: Stores and indexes logs
  • Logstash: Processing and shipping of logs
  • Kibana: Web interface for visualizing logs

Why Sec Ops?

  • We create environments that SecOps Analysts use to make log/data monitoring procedures more powerful, efficient, and elegant
  • Opportunities for collaboration with team members to troubleshoot various issues and build professional relationships
  • SecOps is an immersive environment which applies content studied in class to real-life applications, and forces you to seek out solutions

How We Accomplished our Goals

  • Collaboration across all members of the team to troubleshoot and come up with creative solutions
  • Utilized workplace collaboration resources and organization systems such as Slack and Trello
  • Damir helped guide us through the process of threat hunting from automated alerts
  • Independently and collaboratively researched troubleshooting options and developed solutions