Name: NetFlow? Where We're Going, We Don't Need... NetFlow
Start: 2019-10-25T11:00:00-0500
End: 2019-10-25T12:00:00-0500

Back To Schedule

NetFlow? Where We're Going, We Don't Need... NetFlow

You have SIEM & NetFlow to catch the adversary, but can you query your data for useful information? Do you truly understand what is leaving your network?

This talk is for security professionals and developers who are curious about helping the SecOps folks.

General security knowledge is all that is required to benefit from this talk, but seasoned security gurus will find this helpful too.

We will discuss an ingenious approach to log analysis that augments enterprise security monitoring tools; specifically we will look at analyzing outbound network traffic.

I will cover the visibility gap and how with a bit of scripting I created a tool to quickly discover the most relevant information.

You will leave with specific ideas you can implement in your organization to augment and enhance your threat hunting and blue team operations.

Speakers

Petr Sidopulos

Petr is a security professional in the Austin area.He enjoys both Red team and Blue team activities, log analysis, mentoring, and automating every task he finds boring.When not thinking about world domination, Petr likes to spend time with his family, traveling, camping, and firing... Read More →

LASCONX FilteringOutboundTraffic pdf

Friday October 25, 2019 11:00am - 12:00pm CDT
Contrast Security Room 2525 W Anderson Ln #365, Austin, TX 78757, USA

Security

LASCON X

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Petr Sidopulos