Presented at
Texas Cyber Summit 2019,
Oct. 10, 2019, 1 p.m.
(120 minutes).
This presentation will discuss how teams can employ enterprise security monitoring (for free!) to better assess security controls and protect their computer networks. Various data types will be discussed, as well as their value to an investigation, and how that data can provide greater overall context to events occurring within computer networks.
**Description:** In this day and age, network breaches and security incidents are all but uncommon. As a community, we have begun to shift away from the age-old "magic box" approach of simply relying on the perimeter firewall to keep bad guys out, and have moved towards a stance in which we assume that at some point, the bad guys will make their way into our network. At such point, we must be able to quickly identify and take action in regard to such activity. As network defenders, this requires us to understand our networks. This means gaining perspective around normal network behavior, abnormal behavior, and the overall scope of an event. How do we do that? With Security Onion, of course! Security Onion is a completely free, open-source distribution used for enterprise security monitoring that can be easily deployed in your environment in minutes. This talk will highlight various ways in which Security Onion can be used to empower analysts, hunt for bad guys, and enhance overall organizational security posture. Topics discussed will include use cases, current and planned capabilities and integrations, as well as a typical investigative workflow.
Presenters:
-
Wes Lambert
- Security Onion Solutions
Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to solve problems and enhance organizational security using completely free and easily deploy-able tools.
Twitter @therealwlambert
Links:
Similar Presentations: