backwaters security streaming platform
play

Backwaters: Security Streaming Platform Comcast TPX Security - PowerPoint PPT Presentation

Jun 21, 2023 •9 likes •179 views

Backwaters: Security Streaming Platform Comcast TPX Security Solutions Engineering (SSE) The Team Chris Maenner Ryan Van Antwerp Will Weber Principal Security Developer Principal Security Developer Senior Security Developer 2 Agenda

  1. Backwaters: Security Streaming Platform Comcast TPX Security Solutions Engineering (SSE)

  2. The Team Chris Maenner Ryan Van Antwerp Will Weber Principal Security Developer Principal Security Developer Senior Security Developer 2

  3. Agenda Apache Kafka Overview • Intelligence Driven Security • Methods of Receiving Logs • Architecture of Backwaters: Security Streaming Platform • How security utilizes Apache Kafka's API • 3

  4. Apache Kafka Overview Apache Kafka is a distributed streaming platform which has three key capabilities: Publish and subscribe to streams of records, similar to a message queue • Store streams of records in a fault-tolerant durable way • Process streams of records as they occur • Kafka is generally used for two broad classes of applications: Building real-time streaming data pipelines that reliably get data between systems or • applications Building real-time streaming applications that transform or react to the streams of data • Kafka includes four core data-centric APIs: Producer • Consumer • Streams • Connector • Reference: https://kafka.apache.org/documentation/#gettingStarted 4

  5. Intelligence Driven Security LEVEL 1 LEVEL 1 TRANSFORM LOG PRODUCERS LAYER LEVEL 2 ADVANCED LEVEL 3 THREAT THREAT BACKWATERS NETWORK & CORRELATION DETECTION DATA SCIENCE AUTHENTICATION ADVANCED SIEM TOOLS DETECTION CLOUD & DATA CENTER SECURITY EVENTS CORRELATION NETWORK, TOOLS, AND ALERTING INFRASTRUCTURE INFRASTRUCTURE REAL-TIME KNOWN BEHAVIORAL ANALYTICS, UNKNOWN THREAT TOOLS & METADATA THREAT CORRELATION THREAT SIMULATION & DETECTION DECEPTION KAFKA APPLICATION DATA 5

  6. Methods of Receiving Logs Comcast Data Centers Amazon Web Services Cloud Microsoft Azure Cloud Options : Options : Options : • Kafka Producer • EC2 Producer • Azure Functions Producer • Syslog Producer • Lambda Producer • Azure VM Producer 6

  7. Syslog Ingest Path Data Producers Load Balancer(s) Message Bus Consumers Comcast Private Cloud Availability Zones Security Information and Event Management (SIEM) Elastic Logstash Elastic Beats East Data Science Tools Linux Servers Primary Compliance Tools Central Log Indexing Kafka Secondary Compatible Other sources West Tools 7

  8. AWS Consumer Path Comcast Private Cloud Comcast Managed AWS Cloud AWS VPC Kafka Winlogbeat AWS Direct Connect Amazon EC2 Amazon S3 Logstash 8

  9. AWS Ingest Path Comcast Private Cloud AWS Virtual Private Cloud (VPC) Comcast Managed SIEM Backwaters Data Science Tools AWS Lambda AWS AWS S3 AWS Direct Connect GuardDuty Elastic Search Cluster 9

  10. Backwaters Multi-Tenant Data Framework Azure Log Azure Event Hubs Azure Functions Amazon Web Services Microsoft Azure Cloud Analytics Amazon S3 EC2 VPC Subnet Azure Express Route AWS Direct Connect Comcast Private Cloud Servers Kafka 10

  11. Apache Kafka’s API The Producer API allows an application to publish a stream of records to one or more Kafka • topics The Consumer API allows an application to subscribe to one or more topics and process the • stream of records produced to them The Streams API allows an application to act as a stream processor , consuming an input stream • from one or more topics and producing an output stream to one or more output topics, effectively transforming the input streams to output streams The Connector API allows building and running reusable producers or consumers that connect • Kafka topics to existing applications or data systems. For example, a connector to a relational database might capture every change to a table The AdminClient API allows managing and inspecting topics, brokers, and other Kafka objects • Reference: https://kafka.apache.org/documentation/#api 11

  12. Apache Kafka Producer/Consumer API The Producer API: The Consumer API: Write access to one or more topics • Read access to one or more topics • Allows applications to send streams of • Read streams of data from topic(s) • data to topic(s) Kafka Broker Producer Topic 1 Consumer Partition 1 Partition 2 Producer Topic 2 Consumer Partition 1 Producer Partition 2 12

  13. Apache Kafka Streams API • High level abstraction language using Java’s API • Unbounded, continuous real-time flow of records • You don’t need to explicitly request new records, you just receive them • Domain Specific Language (DSL) is built on top of the Streams Processor API: • Built-in abstractions for streams and tables: • Kstream : append-only ledger ( INSERT only) Ktable : UPSERT changelog stream for one partition • GlobalKTable : UPSERT changelog stream for all partitions • • Supports stateless and stateful transformations: Map : unique keys to values • • Filter : evaluate Boolean to retain or drop elements Aggregations (e.g. count, reduce) • Joins (e.g. Inner, Left, Outer) • Windowing (e.g. group records that have the same key ) • 13 Reference: https://kafka.apache.org/documentation/streams

  14. Kafka Streams API (Transform) Kafka Streams app transform object(s) and write to new topic Parsed Topic Raw Topic { "timestamp": "2019-01-10 20:20:39", "2019-01-10 20:20:39"; \ "username": "alice", "alice”; \ "os": "Windows", "Windows”; \ "systemType": "Desktop", "Desktop”; \ "ipAddress": "10.0.0.126" "10.0.0.126" } Consumers Backwaters Comcast Cloud Producers Source Raw Data 14

  15. Apache Kafka Connect API • Connectors tool for scalably and reliably streaming data between Kafka and other systems • Kafka Connect is intended to be run as a service • Kafka Connect currently supports two modes of execution: Standalone : all work is performed in a single process ( Simplest ) • • Distributed : handles automatic balancing of work, allows you to scale up (or down) dynamically Core Concepts and APIs : • • Connectors come in two flavors (e.g. Pull or Push): SourceConnectors : import data (e.g. JDBCSourceConnector would import relational database) • • SinkConnectors : export data (e.g. HDFSSinkConnector export topic to an HDFS file) • Connectors are responsible for breaking jobs into a set of Tasks: SourceTask : pull interface with two APIs, commit and commitRecord • • SinkTask : push interface • REST API Layer: • View the status/configuration of connectors • Alter current behavior (e.g. change config or restart task 15 Reference: https://kafka.apache.org/documentation/#connect

  16. Kafka Connect API ( SourceConnectors ) Kafka Streams app transform object(s) and write to new topic Parsed Topic { "timestamp": "2019-01-10 20:20:39", timestamp user os type ipAddress ”user": "alice", "os": "Windows", 2019 2019-01 01-10 20:20:39 10 20:20:39 Alice Alice OSX OSX Desktop Desktop 10.0.0.126 10.0.0.126 ”type": "Desktop", "ipAddress": "10.0.0.126" } Consumers Kafka Connect app performing Backwaters Comcast Cloud JDBC connection to database 16

  17. Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data Security February 2016 Data Security Impacts Design and Delivery of Big Data Projects Data Security frequently is a leading Role Security Impacts

545 views • 23 slides
AV1 adoption in a RT streaming platform Richard Blakely - Millicast AV1 for RT Broadcasting

AV1 adoption in a RT streaming platform Richard Blakely - Millicast AV1 for RT Broadcasting

AV1 adoption in a RT streaming platform Richard Blakely - Millicast AV1 for RT Broadcasting WHY?? Benefits/Cost of RT AV1 SVC Pro: Higher compression rate Business model is mostly based on bandwidth consumption, the savings can either

208 views • 18 slides
Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps Defense

1.17k views • 93 slides
A software platform for high-load video streaming projects of any scale About the

A software platform for high-load video streaming projects of any scale About the

A software platform for high-load video streaming projects of any scale About the Product Flussonic Media Server is a server software that helps you capture, transcode, record, protect, and deliver video to users across multiple

381 views • 11 slides
Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Spring 2018 CS 155 Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories n Physical, platform malware, malicious apps Defense against physical theft Thurs

1.28k views • 64 slides
Greg Neiheisel CTO Astronomer Data Engineering Platform Streaming data Data pipelines Code

Greg Neiheisel CTO Astronomer Data Engineering Platform Streaming data Data pipelines Code

Greg Neiheisel CTO Astronomer Data Engineering Platform Streaming data Data pipelines Code first ETL Early Priorities Quick prototyping Get data in motion Ease of scale Astronomer V1 Lambda + API Gateway Cloudwatch for Monitoring

655 views • 26 slides
UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE

UCP GROUP Maritime Security Services UCP GROUP ONE SOLUTION ONE PLATFORM ONE SECURITY SERVICE Maritime Security - Commercial Shipping Security - Cruise Liner Security - Super-Yacht Security Maritime Security Services UCP GROUP is a market

247 views • 22 slides
QoS Aware Adaptive Security Scheme for Video Streaming in MANETs Tahsin Reza and Prof. Michel

QoS Aware Adaptive Security Scheme for Video Streaming in MANETs Tahsin Reza and Prof. Michel

5 th International Symposium on Foundations & Practice of Security October 25 - 26, 2012, Montreal, QC, Canada QoS Aware Adaptive Security Scheme for Video Streaming in MANETs Tahsin Reza and Prof. Michel Barbeau School of Computer

588 views • 21 slides
S T R E A M I N G P L A T F O R M S T R A C K E R STREAMING PLATFORMS TRACKER Our mission: Make

S T R E A M I N G P L A T F O R M S T R A C K E R STREAMING PLATFORMS TRACKER Our mission: Make

S T R E A M I N G P L A T F O R M S T R A C K E R STREAMING PLATFORMS TRACKER Our mission: Make the data accessible, affordable and easy to read for everyone. We track the Spotify & Apple Music charts & playlists. Next platform to be

339 views • 11 slides
CHALLENGE HANDLING MASSIVE STREAMING DATA COLIN MACNAUGTHON NEEVE RESEACH WHO IS NEEVE

CHALLENGE HANDLING MASSIVE STREAMING DATA COLIN MACNAUGTHON NEEVE RESEACH WHO IS NEEVE

THE IOT APPLICATION CHALLENGE HANDLING MASSIVE STREAMING DATA COLIN MACNAUGTHON NEEVE RESEACH WHO IS NEEVE RESEARCH? Headquartered in Silicon Valley Creators of the X Platform - Memory Oriented Application Platform. Passionate

607 views • 26 slides
a Security ECONomics service platform for smart security investments and cyber insurance pricing

a Security ECONomics service platform for smart security investments and cyber insurance pricing

a Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 era SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions The 17th International Conference on Trust,

273 views • 13 slides
Admin Today/Friday: mobile platform security Wednesday: Guest lecture: Christoph Kern,

Admin Today/Friday: mobile platform security Wednesday: Guest lecture: Christoph Kern,

CSE 484 / CSE M 584: Computer Security and Privacy Mobile Platform Security [start] Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John

638 views • 26 slides
Building an Open-Source based audio streaming platform Maxime Bugeia 2 February 2020 We stream

Building an Open-Source based audio streaming platform Maxime Bugeia 2 February 2020 We stream

Building an Open-Source based audio streaming platform Maxime Bugeia 2 February 2020 We stream audio! 2 French public broadcasting service 6 national channels 47 local channels 23 music webradios 2 Million listeners per day 200k

757 views • 53 slides
The magic behind your Lyft ride prices A case study on machine learning and streaming Strata

The magic behind your Lyft ride prices A case study on machine learning and streaming Strata

The magic behind your Lyft ride prices A case study on machine learning and streaming Strata Data, San Francisco, March 27th 2019 Rakesh Kumar | Engineer, Pricing Thomas Weise | @thweise | Engineer, Streaming Platform

693 views • 36 slides
Training Presentation Web Streaming Introduction What is Web Streaming? Who is Streaming?

Training Presentation Web Streaming Introduction What is Web Streaming? Who is Streaming?

S A N D Y A U D I O V I S U A L Training Presentation Web Streaming Introduction What is Web Streaming? Who is Streaming? Web Stream Process Types of Streams How to Stream for Free 2 S A N D Y A U D I O V I S U A L Who

158 views • 13 slides
Improving Cloud Security with Attacker Profiling Bryan D. Payne Engineering Manager, Platform

Improving Cloud Security with Attacker Profiling Bryan D. Payne Engineering Manager, Platform

Improving Cloud Security with Attacker Profiling Bryan D. Payne Engineering Manager, Platform Security Who is out to get me? What do they want? Why are we losing? Platform Security at Netflix Netflix Open Connect Appliance - AWS Mgmt -

498 views • 45 slides
20.2.2020 Opportunity for sustainably financial freedom Our - ACHIEVEMENT -

20.2.2020 Opportunity for sustainably financial freedom Our - ACHIEVEMENT -

Opportunity day 20.2.2020 Opportunity for sustainably financial freedom Our - ACHIEVEMENT - Certificated Company of Thailand Sustainability Thailand Sustainability Investment Certificated Company of Thailand s Private

239 views • 7 slides
Django Python Web Framework Rayland Jeans CSCI 5448 The framework for perfectionists with

Django Python Web Framework Rayland Jeans CSCI 5448 The framework for perfectionists with

Django Python Web Framework Rayland Jeans CSCI 5448 The framework for perfectionists with deadlines 1 Overview History of Django. How Django got started. What is the Django Web Framework? Creating a Django Project.

1.17k views • 40 slides
Adding Velocity to BigBench Todor Ivanov Ahmad Ghazal (todor@dbis.cs.uni-frankfurt.de),

Adding Velocity to BigBench Todor Ivanov Ahmad Ghazal (todor@dbis.cs.uni-frankfurt.de),

Adding Velocity to BigBench Todor Ivanov Ahmad Ghazal (todor@dbis.cs.uni-frankfurt.de), Futurewei Technologies Inc. Patrick Bedu, Roberto V. Zicari Santa Clara, CA, USA Frankfurt Big Data Lab, Goethe University Frankfurt, Germany 15 June

251 views • 23 slides
Too Much (Mobile) Media? Sports as a Site for Deba8ng the

Too Much (Mobile) Media? Sports as a Site for Deba8ng the

Too Much (Mobile) Media? Sports as a Site for Deba8ng the Limits of Media8za8on Bre$ Hutchins School of Media, Film & Journalism Monash

206 views • 16 slides
Be Conservative: Enhancing Failure Diagnosis with Proactive Logging Ding Yuan , Soyeon Park, Peng

Be Conservative: Enhancing Failure Diagnosis with Proactive Logging Ding Yuan , Soyeon Park, Peng

Be Conservative: Enhancing Failure Diagnosis with Proactive Logging Ding Yuan , Soyeon Park, Peng Huang, Yang Liu, Michael Lee, Xiaoming Tang, Yuanyuan Zhou, Stefan Savage University of California, San Diego University of Illinois at

392 views • 37 slides
OUTAGE MANAGEMENT PROCESS REDESIGN Candida DCosta Project SME, IESO February 23, 2016

OUTAGE MANAGEMENT PROCESS REDESIGN Candida DCosta Project SME, IESO February 23, 2016

OUTAGE MANAGEMENT PROCESS REDESIGN Candida DCosta Project SME, IESO February 23, 2016 Agenda Project Progress Update Recap of Web Client Testing Proposed Changes to Market Manual 7.3 Proposed Training Plan for Go Live

252 views • 22 slides
I Have a Web Framework. Now What? Pradeep Gowda IndyPy Web Conf Aug 23, 2019 Pradeep Gowda.

I Have a Web Framework. Now What? Pradeep Gowda IndyPy Web Conf Aug 23, 2019 Pradeep Gowda.

I Have a Web Framework. Now What? Pradeep Gowda IndyPy Web Conf Aug 23, 2019 Pradeep Gowda. IndyPy WebConf. Aug 2019. 1 Who am i? Programming python since ~1998 Member of IndyPy since 2008 Zope/Plone-> Django -> Flask

645 views • 50 slides
PLEASE HOLD ALL QUESTIONS UNTIL UNTIL AFTER AFTER THE THE PRESENT PRESENTATION TION Summar

PLEASE HOLD ALL QUESTIONS UNTIL UNTIL AFTER AFTER THE THE PRESENT PRESENTATION TION Summar

PLEASE HOLD ALL QUESTIONS UNTIL UNTIL AFTER AFTER THE THE PRESENT PRESENTATION TION Summar Summary y in y in your our pac packet et OFFICE OF THE BURSAR STUDENT CASHIER CENTER STUDENT DISBURSEMENTS CENTER

653 views • 34 slides

More recommend