WORKSHOP: LEARN THREAT INTELLIGENCE

17 Aug 2017
15:30 - 17:00
Room D

With the vast increase in the amount of data and information coming in every second, it is important to have measures in place to detect suspicious activity. By combining IDS events with network connection logs and enriching them with threat intelligence data, you can detect attackers early, follow lateral movement, and investigate what actions an adversary performed while inside your system. In this talk, we will demonstrate how to collect and combine these logs from different sources using Graylog, an open source log management tool, together with Snort, an open source IDS tool. We will further elaborate on…