Security Information and Event Management (SIEM)
Events from IDS/IPS systems can be voluminous. How do you sort through all the data collected to find the actionable information? Have you ever been asked, "Did you see anything yesterday at 10:00 am that was outside normal activity?" How many times has this happened to the security staff?
To make better, faster security decisions for your organization, you need better information faster. Using a SIEM solution to capture the network event, log and flow data your infrastructure already provides is the first key step to better information and intelligence. Detecting data breaches, insider leaks and persistent attacks means performing multiple, in-depth data dives in seconds or minutes, not hours or days.
This presentation will show use cases for how a SIEM solution lets you:
- Sort through voluminous data to quickly find the actionable information
- Identify specific security events using baselining and forensic analysis
David has a 15-year Information Technology background working with IDS/IPS, Vulnerability and Risk Assessment, SIEM and Configuration Management technologies. Most recently, David has worked at E*Trade Financial in Information Security, operating and managing SIEM products. David is an 11-year veteran of the United States Navy and currently has two sons also serving in the Armed Forces. David currently resides in Atlanta.
SAIC - 6723 Odyssey Drive, 35806