As I mentioned earlier, my upcoming BrightTALK Log Management Summit presentation entitled “The Integration Lifecycle: Loving Long Logging Lifecycles” is scheduled for August 19th, 2010 at 12:00pm EDT (9:00am PDT). Now, thanks to the nice folks at BrightTALK, I’ve been provided with a nifty embedded widget that will allow you to register for and view the presentation:
Just a reminder that my BrightTalk Log Management Summit presentation entitled “The Integration Lifecycle: Loving Long Logging Lifecycles” is scheduled for August 19th, 2010 at 12:00pm EDT (9:00am PDT). You can register by using the following link: http://www.brighttalk.com/webcast/21954.
The integration of 3rd party products within SIEM and Log Management platforms is often a race to competitive parity. Unfortunately for customers, simply having cursory integration for a product without an ongoing integration lifecycle is about as useful as the platform not supporting the device in the first place.
In order to facilitate continuous value, end-to-end integration lifecycles must be designed to ensure SIEM and Log Management platform vendors have access to the most current information available from integration partners. This talk will shed light on the steps required to effectively bring a product into constant state of supportability and will equip customers with the questions to verify their vendors’ ongoing integration capabilities.
Hopefully I’ll see you there 🙂
With special thanks to Rob Lee, I will be presenting at the 2010 SANS Digital Forensics and Incident Response Summit in Washington, D.C.
Here are the two sessions that I’m involved with:
Friday, July 9th, 2010 – 9:30am – 10:30am
Bringing a Knife to a Gun Fight: The Arsenal Required for Modern Forensic Combat!
One of the most time consuming yet important aspects of any forensic investigation is the analysis of forensic information not located on the compromised machine. For example, logs from compromised systems and ancillary devices, such as routers, firewalls, and intrusion devices, combined with network-level flow and packet analysis help paint a picture of the compromise from start to finish. Reviewing data by hand, however, could take days, weeks, or even months to stitch together a timeline of events.
This talk serves to highlight the current forensic capabilities of Enterprise Security Information Management (ESIM) products, such as Security Information and Event Management (SIEM) and Log Management systems, and how you can best leverage the collected data to aid in forensic exercises. The speaker will also highlight how ESIM products need to evolve to best serve the forensic and incident response community in the future.
Friday, July 9th, 2010 – 10:50am – 11:50pm
Network Forensics Panel
Panelists will tell you the challenges faced by properly collecting and analyzing network based evidence. It is critical in investigations. Data collected from intrusion detection systems, firewalls, routers, proxies, and access points all end up telling unique stories that could be critical to solving your case. Learn the latest techniques thata re utilized in reacting to real attacks that these experts have responded to. This panel includes some of the best minds for the future of Network Forensics. Listen to what they have to say. Network Forensics: No Hard Drive? No Problem.
Hopefully I’ll see you there. Sign up today!