How to Become a C.S.I. – Enterprise Forensics using a SIEM
Gary Freeman – SecTor 2013 Sponsor Session
Many Security Analysts are tasked with assisting in Corporate Governance. This session explores the concept of network forensic investigations using a SIEM, and how security analysts can use it to assist in Governance, HR or law enforcement with network interception to gather evidence that must preserve chain-of-custody. With the challenges of cloud-based computing and mobile devices, the need for well-defined workflow and the use of industry-accepted tools is even more essential than ever. Get familiar with Using integration Commands on-demand to gather external data for an investigation.
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
- Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards
- S3 Ep137: 16th century crypto skullduggery
- Serious Security: That KeePass “master password crack”, and what we can learn from it
- Serious Security: Verification is vital – examining an OAUTH login bug
- S3 Ep136: Navigating a manic malware maelstrom
- Ransomware tales: The MitM attack that really had a Man in the Middle
- PyPI open-source code repository deals with manic malware maelstrom
- Phone scamming kingpin gets 13 years for running “iSpoof” service
- Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!
- S3 Ep135: Sysadmin by day, extortionist by night
One Response to How to Become a C.S.I. – Enterprise Forensics using a SIEM