We are seeking a graduate or PhD student with a background in cybersecurity for a summer internship.
Project Overview: You will research User and Entity Behavior Analytics (UEBA) capabilities within the Elastic Stack to support a Policy Decision Point (PDP).
Data Sources:
- Active Directory Domain
- Active Directory Certificate Services
- Windows endpoints
- Linux endpoints
- Palo Alto Firewalls
- Suricata Intrusion Detection System
- Zeek Network Sensor
- Netflow
- Cisco IOS events
Execution: This project will involve implementing detection engine rules, entity analytics, or Machine Learning models within the Elastic Stack.
What is UEBA? User and Entity Behavior Analytics (UEBA) involves collecting and analyzing user activity data to establish normal behavior patterns. By monitoring real-time activities against these baselines, organizations can identify irregularities, potential security threats, unauthorized access attempts, and data breaches.
Learning Opportunities: Selected applicants will gain experience and build essential skills for long-term success, including:
- Technical report writing
- Network analysis
- Blue team operations
- Threat analysis and exploitation trail analysis
- Lateral movement study of attackers within networks
- Understanding Elasticsearch capabilities and features
- Working with machine learning models
- Writing reports on complex technical events
- Investigating and analyzing security incidents
- Deploying Elasticsearch tools and services
- Leveraging built-in ML models for security threats and system issues
- Exploring the Elastic Learned Sparse Encoder model and language identification
- Accessing third-party PyTorch models, including those from the HuggingFace model hub
- Using the Eland library to load models into Elastic for various ML applications
Note:
This is a 10-week, remote, unpaid internship.