Tune in to hear the most impactful lessons learned from Uber's security journey, and how security practitioners everywhere can tackle pervasive enterprise security challenges using the Elastic Stack.
Platform + Detection: Mission Objectives
• Platform Team: Enable rapid discovery, detection, investigation, & mitigation of threats using an innovative & robust security platform.
• Detection Team: We detect malicious activity early enough for Uber to mitigate before significant business impact.
The Elastic Stack is the backbone that makes up our new enterprise defense platform.
Security Challenges
1. Lacking search engine for security logs
2. No common event model
3. No UI for visualizations + dashboards
4. Lethargic lead times for writing detections
5. Limited ability to retroactively search observables
“Everything is on fire all the time” - Every security analyst on the planet
Conclusion
• Implement a common event model - ECS works great
• Processes and tech should be as fluid as your security investigations
• The Elastic Stack is optimized for collaboration
• Genuinely excited to see what’s next for Elastic!