Hello,
A student colleague and I are currently preparing a student project in
the master's degree program Secure Information Systems at the University
of Applied Sciences Upper Austria. The topic should be about SIEM/SOC.
As a possibility we currently see a participation in the Apache Metron
project. I have a few questions about this:
What is the current roadmap for Metron?
What features or improvements do you see that we could possibly work on?
An alternative for us would be the development of basic rules. I have
things equivalent to the prebuilt rules of the Elastic SIEM in mind
(https://www.elastic.co/guide/en/siem/guide/current/prebuilt-rules.html,
https://www.elastic.co/guide/en/siem/guide/current/prebuilt-ml-jobs.html).
What is the interest here?
Best regards
Jasper