
This webcast has been archived.

Intrusion Detection Through Relationship Analysis, A SANS Technology Institute Master’s Degree Presentation

  • Wednesday, June 14, 2017 at 3:30 PM EDT (2017-06-14 19:30:00 UTC)
  • Patrick Neise


Overview

Combining the power of existing tools and techniques with emerging technologies can provide defenders with new insights into the volumes of data required for analysis. Tools such as Bro, a network analysis framework, and neo4j, a native graph database built to examine data and its relationships, can provide the ability to rapidly detect anomalous behavior within the network, while the Docker containerization platform can provide the ability to quickly produce a repeatable data pipeline for data analysis. This talk will discuss the tools and techniques that can assist defenders in extracting relevant network information, creating the data model within a graph database, and querying the resulting data to identify potential malicious activity.

Speaker Bio

Patrick Neise

Patrick Neise is currently a Security Systems Engineer at Johns Hopkins Applied Physics Laboratory in Laurel, MD. Recently retired from the U.S. Navy, Patrick brings 20 years of operational experience in submarines and information warfare to the information security community. He holds a Master’s Degree in Information Technology Management from Webster University and a B.S. in Electrical Engineering from The University of Texas at Austin, and is currently pursuing an M.S. in Information Security Engineering from the SANS Technology Institute and a Doctorate of Engineering from George Washington University. Patrick holds multiple certifications including CISSP, CAP, GPEN, GCIH, GCIA, GCED, GPPW, GSLC, GSEC, GCCC, GWAPT, C|EH, and PMP. He is also a member of the SANS/GIAC and GPWN advisory boards.
