Choose how you attend: SANS Network Security 2020 offers 35+ courses in Las Vegas OR Live Online!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

SIEM-plifying Security Monitoring: Making Sense of Security Intelligence

  • Friday, August 28, 2015 at 1:00 PM EDT (2015-08-28 17:00:00 UTC)
  • Dave Shackleford, Tom D'Aquino


  • AlienVault

You can now attend the webcast using your mobile device!



SIEM can be one of the most effective tools for sniffing out attackers in your network IF effective correlation rules are developed to turn security events into security intelligence. Most SIEM solutions ship with a set of "out of the box" correlation directives, but you'll typically need to invest time & resources to create and maintain correlation rules customized for your environment. So, how do you get started?

Join this webcast to learn:

  • How to translate business use cases into detection requirements
  • How to define correlation directives to detect security incidents
  • Key contextual data needed to validate and prioritize alarms
  • How to simplify SIEM with a unified approach to security

Speaker Bios

Tom D'Aquino

Tom has been engaged in information security with an emphasis on supporting enterprise SIEM deployments for nearly ten years. His most recent endeavors include educating others in the art of security analysis while evangelizing the benefits of AlienVault's unified approach to information security management aka AlienVault USM. Tom loves to reminisce about the good ol' days of using grep and regex to find suspicious activity in log files and he is always thrilled to brainstorm with you on your own security use cases and initiatives.

Dave Shackleford

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, possessing extensive experience designing and configuring secure infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security, the coauthor of Hands-On Information Security from Course Technology, and currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.