Setting up an Opensource Threat Detection Program

Presented at DeepSec 2019 „Internet of Facts and Fears“.

Through the use of event detection monitoring and do-it-yourself monitoring techniques on a Linux Apache PHP MySQL stack, I will demonstrate how you can create different alarms and reporting surfaces that alert you when your application is being attacked. This case study will demonstrate the use of hacking tools as a defense strategy in a corporate network and will cover the story of the detection of insider threats from the internal application point of view. The entire presentation is a hands-on lab that can be used after the presentation as a guide for attendees to set up a Threat Detection program.


Presenters:

  • Lance Buttars - Ingo Money
    Lance works as a software engineer in the payment industry developing software that transfers money between banking systems. He is a founding member of 801 Labs, a hackerspace located in Salt Lake City, and is an active member of his local Defcon group DC801. Lance has a BS in Computer Science and a Master's Degree in Cybersecurity and Info Assurance.
