Intrusion Detection Through Relationship Analysis, A SANS Technology Institute Master’s Degree Presentation

  • Wednesday, June 14th, 2017 at 3:30 PM EDT (19:30:00 UTC)
  • Patrick Neise
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account.

Overview

Combining existing tools and techniques with emerging technologies can give defenders new insight into the volumes of data they must analyze. Tools such as Bro, a network analysis framework, and Neo4j, a native graph database built to examine data and its relationships, can provide the ability to rapidly detect anomalous behavior within the network, while the Docker containerization platform can quickly produce a repeatable pipeline for data analysis. This talk will discuss the tools and techniques that can assist defenders in extracting relevant network information, creating the data model within a graph database, and querying the resulting data to identify potentially malicious activity.

Speaker Bio

Patrick Neise

Patrick Neise is currently a Security Systems Engineer at Johns Hopkins Applied Physics Laboratory in Laurel, MD. Recently retired from the U.S. Navy, Patrick brings 20 years of operational experience in submarines and information warfare to the information security community. He holds a Master’s Degree in Information Technology Management from Webster University and a B.S. in Electrical Engineering from The University of Texas at Austin, and is currently pursuing an M.S. in Information Security Engineering from the SANS Technology Institute and a Doctorate of Engineering from George Washington University. Patrick holds multiple certifications including CISSP, CAP, GPEN, GCIH, GCIA, GCED, GPPW, GSLC, GSEC, GCCC, GWAPT, C|EH, and PMP. He is also a member of the SANS/GIAC and GPWN advisory boards.
