NuHarbor Hackathon

269 Registered
Allowed team size: 1 - 6

Idea Submission (Online)
starts on: Dec 31, 2022, 06:30 PM
ends on: Feb 15, 2023, 06:30 AM

Final Submissions (Online)
starts on: Feb 16, 2023, 05:01 AM
ends on: Apr 01, 2023, 03:55 AM

Overview

There are dozens of types of cybersecurity devices, with dozens of vendors in each category. Effective cybersecurity requires a diverse set of data, typically crossing both vendor and device-type boundaries. The Polyglot challenge is to develop a means of translating data from this highly heterogeneous mix into a single representation, so that security management tools can either request or automatically ingest information that is consistently formatted even though it is derived from multiple, heterogeneous sources.

Whether an organization is looking to understand if it is under attack or if a ransomware campaign is spreading, it needs to ingest information that is being provided by a number of different vendors and technologies. While the format and organization of telemetry from different providers will vary, the core elements are the same. An endpoint security product will send alerts and messages with an address, a machine type, a timestamp, an alert priority, a related user, etc., but every vendor will organize and present this information differently. It mimics a spoken or written language, where the structure of object/action/description is common. The Polyglot project will create a translator, pulling out the common and most important elements of security device telemetry data to support a data abstraction layer that can be used to generate platform-agnostic outbound interfaces for reporting and alerting, and inbound interfaces for configuration and response activities.

Sakon

About us

Almanna Cyber is a venture fund and start-up accelerator.  The developing Almanna cohort of companies will benefit from a common ontology, and the creation of a company to create a product-strength version of Polyglot is an attractive investment opportunity.

NuHarbor Security manages cybersecurity for hundreds of organizations, many of them in the public sector, who rely on a heterogeneous and growing set of underlying security technologies.  As a result, NuHarbor analysts and engineers are very familiar with the vagaries of these tools and the complexities that they introduce for users.  Polyglot will provide a unifying framework for monitoring and response tooling in the hands of these experts.


Themes

The cybersecurity market is quite complex, and security operations require knowledge of threats, technologies, and indicators of activity across multiple domains. These domains are defined by the technologies and security measures implemented.

For our challenge, we are looking for a new approach to reducing some of this complexity through the use of a common interpreter that can normalize event language across multiple vendor platforms. Specifically, we challenge the audience to create a single higher-level abstraction of event language that will allow an analyst to recognize malicious behavior using a single set of queries across multiple endpoint protection solutions. For the challenge, sample data will be provided from CrowdStrike and Microsoft Defender.

To clarify further, these technologies will all detect malicious events on protected endpoints, but each will report on them in a different format. We are looking for a translating function, an interpreter, that will be capable of consuming logs and events from these differing technologies and producing an output that is normalized into a consistent, new format that can be queried by an analyst who will not need to understand or even recognize the specific technology that is providing the information.

The approach will need to perform at scale, as these are high-volume messages, and maintain machine-speed performance. We expect this to be very much like an NLP solution, but with a very limited syntax (the event/message format) and a limited set of output items (the normalized events).
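The translating function described above can be sketched as a table-driven normalizer; this is an added example, not code from the challenge organizers. The two record layouts, their field names, the severity thresholds and the common schema are all hypothetical stand-ins for two endpoint vendors, not the actual CrowdStrike or Microsoft Defender formats.

```python
from datetime import datetime, timezone

# Constructed records in two hypothetical vendor layouts (not real product schemas).
VENDOR_A = {"event": {"host": "WS-014", "user": "JDoe", "sev": 70,
                      "ts_ms": 1675252800000, "name": "Credential dumping"}}
VENDOR_B = {"deviceName": "ws-022", "accountName": "asmith", "severity": "High",
            "time": "2023-02-01T12:05:00Z", "title": "Suspicious script"}

def dig(record, path):
    """Follow a dotted path through nested dicts; None if any step is missing."""
    for key in path.split("."):
        if not isinstance(record, dict) or key not in record:
            return None
        record = record[key]
    return record

def from_epoch_ms(v):
    return datetime.fromtimestamp(v / 1000, tz=timezone.utc)

def from_iso(v):
    return datetime.fromisoformat(v.replace("Z", "+00:00")).astimezone(timezone.utc)

def sev_from_score(v):
    # Assumed thresholds for a 0-100 score; tune per source.
    return "critical" if v >= 90 else "high" if v >= 70 else "medium" if v >= 40 else "low"

def sev_from_label(v):
    return {"informational": "low"}.get(v.lower(), v.lower())

# One table per source: normalized field -> (source path, converter).
MAPPINGS = {
    "vendor_a": {"host": ("event.host", str.lower), "user": ("event.user", str.lower),
                 "severity": ("event.sev", sev_from_score),
                 "timestamp": ("event.ts_ms", from_epoch_ms), "alert": ("event.name", str)},
    "vendor_b": {"host": ("deviceName", str.lower), "user": ("accountName", str.lower),
                 "severity": ("severity", sev_from_label),
                 "timestamp": ("time", from_iso), "alert": ("title", str)},
}

def normalize(source, record):
    """Translate one vendor record into the common schema; absent fields become None."""
    out = {"source": source}
    for field, (path, convert) in MAPPINGS[source].items():
        raw = dig(record, path)
        out[field] = convert(raw) if raw is not None else None
    return out

def query(events, **criteria):
    """Vendor-agnostic filter over normalized events."""
    return [e for e in events if all(e.get(k) == v for k, v in criteria.items())]
```

Adding a further source means adding one entry to `MAPPINGS`; queries such as `query(events, severity="high")` stay unchanged.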

 

Prizes: USD 15000 in prizes

Main Prizes
First Prize: USD 10000

Special Prizes
Notable Entries (5): USD 1000

Up to five notable non-winning entries will be eligible for $1K prizes.
