SIEM-plifying Security Monitoring: Making Sense of Security Intelligence

  • Friday, August 28th, 2015 at 1:00 PM EDT (17:00:00 UTC)
  • Dave Shackleford and Thomas D'Aquino
This webcast has been archived.

Sponsor

  • AlienVault

Overview

SIEM can be one of the most effective tools for sniffing out attackers in your network IF effective correlation rules are developed to turn security events into security intelligence. Most SIEM solutions ship with a set of "out of the box" correlation directives, but you'll typically need to invest time & resources to create and maintain correlation rules customized for your environment. So, how do you get started?

Join this webcast to learn:

  • How to translate business use cases into detection requirements
  • How to define correlation directives to detect security incidents
  • Key contextual data needed to validate and prioritize alarms
  • How to simplify SIEM with a unified approach to security

Speaker Bios

Tom D'Aquino

Tom has been engaged in information security with an emphasis on supporting enterprise SIEM deployments for nearly ten years. His most recent endeavors include educating others in the art of security analysis while evangelizing the benefits of AlienVault's unified approach to information security management aka AlienVault USM. Tom loves to reminisce about the good ol' days of using grep and regex to find suspicious activity in log files and he is always thrilled to brainstorm with you on your own security use cases and initiatives.


Dave Shackleford

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, possessing extensive experience designing and configuring secure infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security, the coauthor of Hands-On Information Security from Course Technology, and currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.
