
Flexible Network Security Detection


Summary

Servers and services that have any exposure to the public internet are under a constant barrage of attacks. Network security engineers are tasked with discovering and addressing any potential breaches to their systems, which is a never-ending task as attackers continually evolve their tactics. To gain better visibility into complex exploits, Colin O’Brien built the Grapl platform, which uses graph database technology to more easily discover relationships between activities within and across servers. In this episode he shares his motivations for creating a new system to discover potential security breaches, how its design simplifies the work of identifying complex attacks without relying on brittle rules, and how you can start using it to monitor your own systems today.

Announcements

  • Hello and welcome to Podcast.__init__, the podcast about Python and the people who make it great.
  • When you’re ready to launch your next app or want to try a project you hear about on the show, you’ll need somewhere to deploy it, so take a look at our friends over at Linode. With the launch of their managed Kubernetes platform it’s easy to get started with the next generation of deployment and scaling, powered by the battle tested Linode platform, including simple pricing, node balancers, 40Gbit networking, dedicated CPU and GPU instances, and worldwide data centers. Go to pythonpodcast.com/linode and get a $60 credit to try out a Kubernetes cluster of your own. And don’t forget to thank them for their continued support of this show!
  • This portion of Python Podcast is brought to you by Datadog. Do you have an app in production that is slower than you like? Is its performance all over the place (sometimes fast, sometimes slow)? Do you know why? With Datadog, you will. You can troubleshoot your app’s performance with Datadog’s end-to-end tracing and in one click correlate those Python traces with related logs and metrics. Use their detailed flame graphs to identify bottlenecks and latency in that app of yours. Start tracking the performance of your apps with a free trial at pythonpodcast.com/datadog. If you sign up for a trial and install the agent, Datadog will send you a free t-shirt.
  • You listen to this show to learn and stay up to date with the ways that Python is being used, including the latest in machine learning and data analysis. For more opportunities to stay up to date, gain new skills, and learn from your peers there are a growing number of virtual events that you can attend from the comfort and safety of your home. Go to pythonpodcast.com/conferences to check out the upcoming events being offered by our partners and get registered today!
  • Your host as usual is Tobias Macey, and today I’m interviewing Colin O’Brien about Grapl, an open source platform for detection and response of system security incidents.

Interview

  • Introductions
  • How did you get introduced to Python?
  • Can you start by describing what Grapl is and the problem that you are trying to solve with it?
    • What was your original motivation to create it?
  • What were the existing options for security detection and response, and how is Grapl differentiated from them?
  • Who is the target audience for the Grapl project?
  • How is the Grapl system architected?
    • How has the design of the system evolved since you first began working on it?
    • How much effort would it be to separate the Grapl architecture from AWS to migrate it to other environments?
  • What have you found to be the benefits of splitting the implementation of the system between Rust for the system and Python for the exploration?
    • What challenges have you faced as a result of working across those languages?
  • What data sources does Grapl use to build its graph of events within a system?
  • Can you talk through the overall workflow for someone using Grapl?
  • What are some examples of the types of exploits that you can identify with Grapl?
  • What are some of the most interesting, unexpected, or innovative ways that you have seen Grapl used?
  • What are some of the most interesting, unexpected, or challenging lessons that you have learned while building it?
  • When is Grapl the wrong choice?
  • What do you have planned for the future of Grapl?

This article has been published from a wire agency feed without modifications to the text. Only the headline has been changed.
