There is no one single device that will provide a total security solution.
All those "magic" and 4th quadrant solutions will not protect you. Security is
not a framework, not a destination, and not a weekend of overtime implementing a
new tool. It is not news that organizations need defense in depth or layered
defenses. Too many organizations are stuck in a reactive security mode.
Businesses react to network alerts, researching events in the morning from the
day before. They react to virus detections when the AV solution emails them a
report. Each security solution only provides a part of the answer to the
question "Am I owned?" Network alerts only provide a partial picture, and the same
goes for host monitoring. By combining logs, network alerts, and system alerts, a much
clearer picture emerges. This talk will show that you can detect system
compromises days, weeks and even months before antivirus will catch them. It will
cover key system events and locations to monitor, as well as network events that you
may not currently be watching for but absolutely should be, plus how
simple visualization of log data can make potential compromises really stand
out. Examples from compromises will be used to reinforce the concepts presented.

BIO: Renegade6 has been addicted to computers since he won a
TI-99/4A in a school raffle. In 1997 he was blown away by NMRC, L0pht, and
others. Past positions include satellite network administrator, network
administrator, system administrator, information security team lead, Information
Assurance Security Officer for the Green Zone in Iraq, Information Assurance
Manager, instructor, network defense, and currently Network Defense SME and
Senior Incident Handler.
Copyright 2020, IronGeek