Direct entry into the Idea Fest finals and a chance to win a grant of up to 7 lakhs depending on the stage of your idea, subject to review and selection by the KSUM internal panel of judges.
Is there a mechanism to detect fileless/in-memory/non-malware attacks, preferably using open source, free or self-created applications that can monitor for rogue API calls, process injections and hijacks?
Expected Product / Solution: Participants are expected to come up with a PoC for fileless attack detection. The use case can be built on a SIEM, which helps construct correlation logic to detect rogue behaviour from the data collected on endpoint machines.
https://azure.microsoft.com/en-in/blog/detecting-in-memory-attacks-with-sysmon-and-azure-security-center/
Threat intelligence (TI) is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace to assets, which can be used to inform decisions regarding the organization's assets. To obtain this information, organizations usually rely on various tools and knowledge-sharing platforms. Intelligence should be delivered in a way that lets organizations know the criticality of their assets before those assets are targeted by attackers.
Expected product/solution: Participants are expected to build a framework that collects intelligence feeds from various sources and categorizes the feeds by sector.
Description: The transformation of security monitoring strategy from traditional signature/log-based monitoring to behavioural and deep-inspection techniques creates more investment and procurement demands on clients, who must accommodate systems such as EDR (endpoint detection and response) and network payload inspection systems. Even though search engines such as Splunk and Elasticsearch offer extensive features for working with data, the creative blending of fine-grained information from endpoints and from the network into these solutions still exists only in documents and discussions. A creative blend of freely available endpoint monitoring tools such as Sysmon with the above-mentioned search engines can remove the additional investment demands on clients for behavioural / deep-inspection-based detection.
Expected product/solution: A blended solution of Sysmon + ELK/Splunk to achieve the capabilities of EDR systems.
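Added example for the fileless-attack detection and Sysmon + ELK/Splunk challenges above (not code from the challenge organisers): a small Python correlation over constructed Sysmon-style JSON lines (event IDs 1 = process create, 8 = CreateRemoteThread, 10 = ProcessAccess), showing the kind of rule a SIEM would run to flag in-memory behaviour. The allowlist and the five-minute correlation window are assumptions to tune per environment.

```python
import json
from datetime import datetime, timedelta

# Constructed Sysmon-style events as JSON lines (NOT real telemetry).
# Event ID 1 = process create, 8 = CreateRemoteThread, 10 = ProcessAccess.
SAMPLE_EVENTS = r"""
{"EventID":1,"UtcTime":"2024-01-10 09:00:01","ProcessId":4242,"Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","CommandLine":"powershell.exe -nop -w hidden -EncodedCommand SQBFAFgA"}
{"EventID":8,"UtcTime":"2024-01-10 09:00:05","SourceProcessId":4242,"SourceImage":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","TargetImage":"C:\\Windows\\explorer.exe"}
{"EventID":10,"UtcTime":"2024-01-10 09:00:09","SourceProcessId":4242,"SourceImage":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1010"}
{"EventID":1,"UtcTime":"2024-01-10 09:05:00","ProcessId":5000,"Image":"C:\\Windows\\System32\\notepad.exe","CommandLine":"notepad.exe"}
{"EventID":10,"UtcTime":"2024-01-10 09:05:02","SourceProcessId":900,"SourceImage":"C:\\Windows\\System32\\csrss.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1000"}
"""

# Assumed allowlist of images that legitimately open other processes; tune per environment.
ALLOWED_SOURCES = {"csrss.exe", "wininit.exe", "services.exe", "MsMpEng.exe"}
WINDOW = timedelta(minutes=5)  # assumed correlation window

def parse_events(text):
    """Parse JSON lines and attach a datetime for ordering and windowing."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    for e in events:
        e["ts"] = datetime.strptime(e["UtcTime"], "%Y-%m-%d %H:%M:%S")
    return events

def basename(path):
    return path.rsplit("\\", 1)[-1]

def correlate(events):
    """Return (pid, alert_name) tuples, mimicking SIEM correlation rules."""
    alerts, suspicious = [], {}  # suspicious: pid -> time of a hidden/encoded PowerShell launch
    for e in sorted(events, key=lambda x: x["ts"]):
        if e["EventID"] == 1:
            cl = e["CommandLine"].lower()
            if "powershell" in cl and any(f in cl for f in ("-encodedcommand", " -enc ", "-w hidden")):
                suspicious[e["ProcessId"]] = e["ts"]
                alerts.append((e["ProcessId"], "encoded_or_hidden_powershell"))
        elif e["EventID"] in (8, 10):
            src, pid = basename(e["SourceImage"]), e["SourceProcessId"]
            if src in ALLOWED_SOURCES:
                continue  # expected system behaviour, not an injection signal
            if e["EventID"] == 8:
                alerts.append((pid, "remote_thread_into_" + basename(e["TargetImage"]).lower()))
            elif basename(e["TargetImage"]).lower() == "lsass.exe":
                alerts.append((pid, "lsass_access_" + e["GrantedAccess"]))
            # Chain rule: cross-process activity shortly after a suspicious launch by the same pid.
            t0 = suspicious.get(pid)
            if t0 is not None and e["ts"] - t0 <= WINDOW:
                alerts.append((pid, "chained_in_memory_attack"))
    return alerts
```

Run `correlate(parse_events(SAMPLE_EVENTS))` to see that only the PowerShell process (pid 4242) raises alerts, while notepad and the allowlisted csrss access of lsass stay silent.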
Website content security, website performance monitoring and a vulnerability management system as a managed solution, targeting anyone with a presence on the internet.
The solution will be built by leveraging existing open source tools, and the components can later be replaced by developing proprietary ones. Many open source systems are already in place as individual components.
Expected Solution: The proposed solution should have the following features. Key point: the system should support both proprietary and open source websites/web applications.
Description: Brand value and reputation are critical assets of every organization. Even though many social media services are already in place, a fully customisable, cost-effective solution is still a pain point for this vertical. Social media acts as the key data source for such platforms, but it varies from client to client; hence a solution that is open to any data source and can perform brand monitoring increases both the confidence level and the monitoring radius for customers.
Proposed Solution: Leveraging the open source ELK framework to perform data analytics on hashtags and combinations of hashtags by collecting data from social media and other feeds.