Sunday, April 1, 2018

A quick look at the past…heading forward…

Here we are, again in a festive season. We are celebrating Passover; some are celebrating Easter, and others, in a few weeks, will have Ramadan. The world is once again going to celebrate. In this season we will celebrate spring (at least, here in the northern hemisphere). Celebrating a new beginning. Celebrating springtime. As a result of that, I have checked how much time I have spent in the classroom over the last year. For some 1000 hrs I was standing in classrooms all over the country, spreading the word about Cyber Security, teaching intro courses as well as Cyber for Developers. Working with private technical colleges, academic institutes and NGOs, I have found amazing people eager to learn the secrets of this profession, Cyber Security Practitioner. Standing at this point, I'm excited for the coming days, weeks and months, creating a new portfolio to reach new markets. Stay tuned for updates.

Thursday, February 22, 2018

This is one of the reasons I love my work

For the last year, I have been developing Cyber Training classes. One of them was "Cyber Programmer", for which I have joined forces with Tsofen (an Israeli NGO working to bring Arab manpower into the high-tech industry) and IITC (Israeli Institute of Technology and Communication).
In this class we have taken graduates in the IT and systems arena, giving them some Cyber awareness as well as basic pen testing and forensics skills and know-how, as well as Java and Python coding.
As a project I have asked them to build a SIEM system that will monitor Windows and Linux clients, will collect logs and push them securely to the server.
The server, in turn, will parse the logs, identify events and list them in a DB that will be shown on a web interface. This is what I had in mind.

The team have excelled and have done amazing things within a time frame of only two months. They have written the product description and the design documents for each component of the system. Then they started to code. The core of the product, the push agent and the server, is Java based. The agent pulls the logs every 3 min (both OS and Snort IDS) and sends them over SFTP to the server. At the server, some Python scripts parse the logs, identify the cyber-attacks and list the outputs in a MySQL server, which in turn makes them available for the web server to display. This is what it looks like.
They did capture my vision.

It was an amazing journey nursing those kids (since they are half my age I can call them kids), seeing a group of individuals working together, handling all roles in the development cycle: Product Management, System Architects, Researchers, Developers, QA, and Integration. They also did a fabulous job as Presales when they demonstrated the system's capabilities.
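The server-side stage described in this post (Python parsing the collected Snort logs and listing events in a database) can be sketched as follows. This is an added example, not the students' code: it assumes Snort's "fast" alert line format, uses `sqlite3` as a stand-in for the MySQL server, and the function names and sample log lines are constructed for illustration.

```python
import re
import sqlite3

# Snort "fast" alert layout, IPv4 only (assumed; the post does not name the output mode).
ALERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[\d+:(?P<sid>\d+):\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+)(?::(?P<sport>\d+))?"
    r"\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)
# Constructed sample input (documentation addresses), including one damaged line.
SAMPLE_LOG = """\
02/22-10:15:32.120001  [**] [1:1000001:1] ICMP echo request [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.15 -> 192.0.2.1
02/22-10:15:40.530442  [**] [1:1000002:2] SSH login attempt [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 198.51.100.7:44321 -> 192.0.2.10:22
this line was truncated in transfer
02/22-10:16:02.000913  [**] [1:1000002:2] SSH login attempt [**] [Priority: 1] {TCP} 198.51.100.7:44390 -> 192.0.2.10:22
"""

def parse_alert(line):
    """Return one normalized event tuple, or None if the line is not a fast alert."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    port = lambda key: int(m[key]) if m[key] else None
    return (m["ts"], int(m["sid"]), m["msg"], m["cls"] or "unclassified",
            int(m["prio"]), m["proto"], m["src"], port("sport"), m["dst"], port("dport"))

def ingest(conn, text):
    """Store parsable alerts; count rejects so damaged or tampered logs are visible."""
    conn.execute("CREATE TABLE IF NOT EXISTS events (ts TEXT, sid INTEGER, msg TEXT, "
                 "classification TEXT, priority INTEGER, proto TEXT, src_ip TEXT, "
                 "src_port INTEGER, dst_ip TEXT, dst_port INTEGER)")
    stored = rejected = 0
    for line in filter(str.strip, text.splitlines()):
        row = parse_alert(line)
        if row is None:
            rejected += 1
            continue
        # Bound parameters only: alert text is influenced by whoever sent the traffic.
        conn.execute("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?)", row)
        stored += 1
    conn.commit()
    return stored, rejected

def top_sources(conn, max_priority=1):
    """Source IPs ranked by number of alerts at or above the given severity (1 = highest)."""
    return conn.execute(
        "SELECT src_ip, COUNT(*) FROM events WHERE priority <= ? "
        "GROUP BY src_ip ORDER BY COUNT(*) DESC", (max_priority,)).fetchall()
```

Calling `ingest(sqlite3.connect(":memory:"), SAMPLE_LOG)` loads the sample; the reject count is worth surfacing on the web interface, since a rising number of unparsable lines points to a broken agent or a modified log.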

Wednesday, February 7, 2018

My students have built SIEM

Some three months back I formed a new course, known by the name "Cyber Developer". I have set sail for this project with Tsofen, an Israeli NGO that is working to elevate young Israeli Arabs, assisting them to find their first job in the growing high-tech industry. I was responsible for the cyber aspects of the training as well as defining the content of the project which the students are going to struggle with.

Taking the role of a potential customer, I have asked them to develop for me a system that will work like a SIEM.
Divided into workgroups, the students have practiced all roles that are involved in the development cycle. The students have defined all the required components, designed, researched, coded and tested them. The product is going to be revealed to some industry leaders next week...