Gain Top-Notch Cyber Skills. Register for SANS Chicago 2017. Save $400 thru June 28.

SANSFIRE 2014

Baltimore, MD | Sat, Jun 21 - Mon, Jun 30, 2014
This event is over,
but there are more training opportunities.
 

Setting up Splunk for Event Correlation in Your Home Lab

  • Aron Warren - Master's Degree Candidate
  • Wednesday, June 25th, 7:15pm - 7:55pm

Masterās Presentation

Splunk is an ideal event correlation instrument for use in large enterprise environments down to small home laboratory networks such as those used by students. Splunkās appeal has grown over the past few years due to a number of factors: speed and amount of collectable data, a growing user base as well as new ways of exploiting its capabilities are discovered. This presentation will outline a student research home network Splunk installation including Internet taps, infrastructure used, query creation, and finally pulling multiple data sources together to track security events.

Speaker Bio: Aron Warren is an employee at SAIC. His work has included cluster integration, scheduler and batch management. Aronās work over the past 17 years also includes VOIP, WAN and VPN integrations as well as various system administration functions revolving around Unix/Linux. Aron holds an undergraduate degree in Computer Science from the University of New Mexico and is currently working on a Master of Science in Information Security Engineering with the SANS Technology Institute (STI).

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, June 23
Session Speaker Time Type
General Session - Welcome to SANS Johannes Ullrich Monday, June 23rd, 8:15am - 8:45am Special Events
SANS Technology Institute Open House William Lockhart Monday, June 23rd, 6:00pm - 7:00pm Special Events
State of the Internet Panel Discussion Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus Monday, June 23rd, 7:15pm - 9:15pm Keynote
Tuesday, June 24
Session Speaker Time Type
Resurrection of the Data Entry Attack Aaron Higbee, Chief Technology Officer & Co-Founder, PhishMe Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
Using Intelligence Methods in Mobile Forensic Exams Lee Papathanasiou, Sales Engineer, Cellebrite Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
Continuous Monitoring & Mitigation Tim Jones, Systems Engineer, Forescout Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow Sam Cook, Senior Sales Engineer Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
Understanding the Threat: A Model to Enable Active Response Finn Ramsland, Solutions Architect, Federal - FireEye Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
Looking Beyond Layers: Why Authentication Security Matters Most Brian Kelly, Principal Product Marketing Manager at Duo Security Tuesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
Online Training Reception Tuesday, June 24th, 6:00pm - 8:00pm Reception
Security Awareness Metrics: Measuring Human Behavior Lance Spitzner Tuesday, June 24th, 7:15pm - 8:15pm SANS@Night
Avoiding Cyberterrorism Threats Inside Electrical Substations Manuel Humberto Santander PelƔez Tuesday, June 24th, 7:15pm - 8:15pm SANS@Night
Securing The Kids Lance Spitzner Tuesday, June 24th, 8:15pm - 9:15pm SANS@Night
C3CM ā Defeating the Command, Control, and Communications of Digital Assailants Russ McRee Tuesday, June 24th, 8:15pm - 9:15pm SANS@Night
Wednesday, June 25
Session Speaker Time Type
Vendor Solutions Expo Wednesday, June 25th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Wednesday, June 25th, 5:00pm - 7:00pm Vendor Event
An Introduction to PowerShell for Security Assessments James Tarala Wednesday, June 25th, 7:15pm - 8:15pm SANS@Night
Setting up Splunk for Event Correlation in Your Home Lab Aron Warren - Master's Degree Candidate Wednesday, June 25th, 7:15pm - 7:55pm Special Events
Consulting from Virtual Island Rob VandenBrink Wednesday, June 25th, 8:15pm - 9:15pm SANS@Night
Thursday, June 26
Session Speaker Time Type
Vile Vulnerabilities, Rampant Rights, and Pervasive Passwords Paul Harper, Product Manager, Beyond Trust Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Operationalize Open Intelligence ā YARA + Fidelis XPS Mike Nichols, Sr. Product Manager, General Dynamics Fidelis Cybersecurity Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Effective Forensics Analytics for Actionable Incident Response Narayan Makaram, Sr. Product Manager, Tenable Network Security Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Fortinet Next Generation Firewalls Rob Frickel, Security Analyst, Infogressive Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Insider Threat Kill Chain: Detecting Human Indicators Of Compromise Bryce G. Schroeder, Sr. Director of Systems Engineering - Tripwire Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Innovations in End Point Threat Detection (EDTR), Chad Fulgham, PerCredo CEO and former FBI CIO Thursday, June 26th, 12:30pm - 1:15pm Lunch and Learn
Penetration Testing Corporate Mobile Applications and BYOD Environments Dmitry Dessiatnikov Thursday, June 26th, 7:15pm - 8:15pm SANS@Night
How to Spy on your Employees with Memory Forensics Alissa Torres Thursday, June 26th, 7:15pm - 8:15pm SANS@Night
GIAC Program Overview Jeff Frisk Thursday, June 26th, 8:15pm - 8:45pm Special Events
Bust a Cap in a Web App With ZAP Adrien de Beaupre Thursday, June 26th, 8:15pm - 9:15pm SANS@Night
Friday, June 27
Session Speaker Time Type
The "Insider Threat" Revised: Crime, Understanding, and Prediction Richard Porter Friday, June 27th, 7:15pm - 8:15pm SANS@Night
Creating a Covert Channel in Wifi Ronald Hamann Friday, June 27th, 7:15pm - 8:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share

SANS training is like a catalyst. It not only boosts your knowledge but also inspires you to learn more.
Tan Koon Yaw

Latest Whitepapers

Incentivizing Cyber Security: A Case for Cyber Insurance
By Jason D. Christopher

Zero-Touch Detection and Investigation of Cloud Breaches: A Review of Lacework's Cloud Workload Security Platform
By Matt Bromiley

Complying with Data Protection Law in a Changing World
By Benjamin Wright

Last 25 Papers »

Latest Tweets @SANSInstitute

SANS Salt Lake City #Cybersecurity Training Event to Tackle [...]
June 27, 2017 - 11:45 PM

#SANSSpotlight: Congrats to @joff_thyer for becoming at SANS [...]
June 27, 2017 - 11:30 PM

New course for #SecOps Managers - #MGT517 : Managing Securit [...]
June 27, 2017 - 10:01 PM

Contact Us

301-654-SANS(7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.