OmniSOC: A Shared Cyber-Defense Center for Higher Education Powered by ELK

Five member universities of the Big Ten Academic Alliance recently launched a new shared cybersecurity operations center, called OmniSOC, to share threat intelligence among its members and dramatically reduce the time from threat detection to mitigation. Powered by the Elastic Stack (ELK Stack), OmniSOC ingests and correlates data from thousands of systems across all of its member institutions into Elasticsearch, and then analyzes the data to alert participating SOC teams to breaches and threats in real time.

Rich Graves, Principal Security Engineer, and Ed Balas, Senior Manager of Network and Security Analysis Platforms, talk about OmniSOC’s mission. Learn how they evaluated technology and how the Elastic Stack enables their award-winning security analytics initiative.

Highlights include:

  • How OmniSOC is taking a data-driven approach to security, making threat detection much more predictive and proactive
  • Understanding the flexibility of the Elastic Platform to store a multi-petabyte digital archive
  • How OmniSOC plans to scale up its services and expand membership beyond the Big Ten Academic Alliance to include other institutions

Ed Balas

Senior Manager of Network and Security Analysis Platforms, OmniSOC | Indiana University

Rich Graves

Principal Security Engineer, OmniSOC | Indiana University

Mike Paquette

Mike joined Elastic in 2016 from Prelert, where he'd been VP of Products for Prelert's machine learning technology. Mike's focus at Elastic is to help users and customers succeed with security-related applications of the Elastic Stack. Starting his career as an ASIC designer, Mike has led the development of SIEM, network IPS, DDoS Defense, and network monitoring solutions. Mike is a co-author of a patent on DDoS protection.