Tag: SANS

SANS Tool Talk Webcast: “Log Management: No Longer Optional”

sansI’ll be presenting a SANS Tool Talk Webcast entitled “Log Management: No Longer Optional” on Tuesday, June 2nd at 1pm EST.

About the session:
Both network and security professionals agree – a log management solution is no longer optional. It’s now a required tool in their arsenal.

Unfortunately, many of their log management projects have failed because the solution they chose was unable to support the size and scope of the deployment and/or effectively deliver useful results.

During this webcast Andrew Hay will discuss important considerations when selecting and deploying a log management solution for your organization and how to avoid some of the pitfalls.

Join this webcast and learn about:

  • Drivers of log management, including security best practices and regulatory mandates
  • Architectural considerations for supporting large distributed enterprise networks
  • Deployment considerations for supporting a multi-vendor network
  • Correlation considerations to effectively make sense of enterprise-wide network & security events
  • Advanced security management considerations to improve an organization’s ability to detect more complex integrated network threats
  • Reporting, auditing and forensics considerations that support compliance initiatives

Sign up for the webcast here.

SANS Security Laboratory “Thought Leaders” Article

SANSStephen Northcutt, of SANS Institute fame, recently recognized me as a Thought Leader in the area of log management. I’m quite humbled to be included with the likes of Dr. Anton Chuvakin, Jeremiah Grossman, and Ron Gula (among others).

The interview has been posted on the SANS Technology Institute site here. This has certainly made my week 🙂

SANS Toronto 2008 Keynote Roundup

talkAs most of you already know, yesterday I was involved in the SANS Toronto 2008 keynote along with Rob Lee, Bryce Galbraith, Peter Giannoulis, Dave Shackleford, Dr. Johannes Ullrich, Stephen Sims, and Guy Bruneau. This was the first keynote that I had the pleasure to be involved with but I hope it won’t be the last.

We had a full room with a mix of local and out of town students, all of whom were having a blast. “How do you know they were having a blast” you might ask? Even though we were talking about serious topics pertaining to security, my fellow panelists and I had the entire room laughing like crazy. In fact, I think I saw a few people whipping away tears from laughing too hard.

I think everyone had a good time, myself included, and the thing that set this keynote apart from previous keynotes that I’ve seen is how laid back and fun the talk was. There were questions about social media and the validation of identities, acceptance and rate of deployment for mainstream wireless infrastructure, the shaping of traffic to prevent P2P transmissions, and several others. All of the panelists were able to add their insight into the posed questions and I think the crowd appreciated how frank we were in our responses.

I think they also enjoyed the running joke about including www.theacademy.ca, in one way or another, in almost all of our responses. It was one of those “you had to be there” jokes but, trust me, it was hilarious. I didn’t get a chance to see the reviews filled out by the students but I hope they enjoyed the session as much as we all enjoyed presenting it.

Maybe SANS will let us do it again some time.

Scroll to top