Security Onion: Network Security Monitoring in Minutes

Presented at DerbyCon 2.0 Reunion (2012), Sept. 29, 2012, 6 p.m. (50 minutes)

Traditional Intrusion Detection Systems (IDS) can be costly, difficult to install, and may not provide all the capabilities that you need to defend your network. Network Security Monitoring (NSM) combines traditional IDS alerts with additional data to give you a more complete picture of what’s happening on your network. This presentation will demonstrate how to deploy NSM in just a few minutes using a free Linux distro called Security Onion.


  • Doug Burks
    Doug Burks has over 10 years of experience in Information Security. He has worked in many organizations over the years, including government facilities, chemical plants, and the media industry. Doug is currently the Deputy CSO for Mandiant and a SANS Community Instructor. He is one of the few people in the world to have passed the SANS GSE exam and also holds a Bachelor’s degree in Computer Science and the GCFA, GPEN, GCIA Gold, GCIH, GSEC, and CISSP certifications. Doug created and is the lead developer of Security Onion, a free Linux distribution for Intrusion Detection, Network Security Monitoring, and more. You can read more about Doug by visiting his blog at
