Loading…
LASCON X has ended
Friday, October 25 • 11:00am - 12:00pm
NetFlow? Where We're Going, We Don't Need... NetFlow

Sign up or log in to save this to your schedule and see who's attending!

You have SIEM & NetFlow to catch the adversary, but can you query your data for useful information? Do you truly understand what is leaving your network?

This talk is for security professionals and developers who are curious about helping the SecOps folks.

General security knowledge is all that is required to benefit from this talk, but seasoned security gurus will find this helpful too.

We will discuss an ingenious approach to log analysis that augments enterprise security monitoring tools; specifically we will look at analyzing outbound network traffic.

I will cover the visibility gap and how with a bit of scripting I created a tool to quickly discover the most relevant information.

You will leave with specific ideas you can implement in your organization to augment and enhance your threat hunting and blue team operations.

Speakers
avatar for Petr Sidopulos

Petr Sidopulos

Petr is a security professional in the Austin area.He enjoys both Red team and Blue team activities, log analysis, mentoring, and automating every task he finds boring.When not thinking about world domination, Petr likes to spend time with his family, traveling, camping, and firing... Read More →



Friday October 25, 2019 11:00am - 12:00pm
Contrast Security Room 2525 W Anderson Ln #365, Austin, TX 78757, USA