Collect All the Data - Protect All the Things - Aaron Rosenmund Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Collect All the Data - Protect All the Things
Aaron Rosenmund
Derbycon 2019

Protecting all the things, all the time requires the collection and analysis of all the data. The range of threats is wide and can be highly advanced. To bring the sexy back to blue team, the next generation security operations team has to look across all the available data sources, correlating network, application, machine, and endpoint OS data events to find anomalous behavior and reduce false positives. This talk covers application of different methods of collection and analysis as well as the use of machine learning to generate behavioral anomalies that are incorporated into overall continuous monitoring capabilities to catch a variety of APT activity before a signature has been developed. This is not a vendor talk and nearly all tools discussed are open source and free.

I am a full-time author with Pluralsight focusing on security operations and incident response, conducting research and producing advanced level video courses and demonstration content for Pluralsight. A part-time member of the Florida Air National Guard, I built and operated one of the first mission defense teams for the 601 AOC Tyndall and now focus on the development of security monitoring, detection, and threat hunting. Certs: GCED, GCIA, CCNA Cyber Operations, CompTIA Sec+, and the new CompTIA Pentest+; more found at www.aaronrosenmund.com. Sec dev work at www.github.com/arosenmund

@arosenmund


    Copyright 2019, IronGeek