| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
20/20 Enterprise Security Monitoring: Seeing clearly with Security Onion
Abstract:
In this day and age, network breaches and security incidents are all but uncommon. As a community, we have begun to shift away from the age-old "magic box" approach of simply relying on the perimeter firewall to keep bad guys out, and have moved towards a stance in which we assume that at some point, the bad guys will make their way into our network. At such point, we must be able to quickly identify and take action in regard to such activity. As network defenders, this requires us to understand our networks. This means gaining perspective around normal network behavior, abnormal behavior, and the overall scope of an event. How do we do that? With Security Onion, of course! Security Onion is a completely free, open-source distribution used for enterprise security monitoring that can be easily deployed in your environment in minutes. This talk will highlight various ways in which Security Onion can be used to empower analysts, hunt for bad guys, and enhance overall organizational security posture. Topics discussed will include use cases, current and planned capabilities and integrations, as well as a typical investigative workflow.
Bio:
Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. Wes is a huge fan of open source software projects, and loves to so
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast