SOC Monitoring & Analysis Slides from ISSW

ISSW 2016

This past weekend I had an opportunity to present at the InfoSec Southwest (ISSW) conference on the basics of SOC monitoring and analysis. The presentation covered a range of topics, including understanding the different monitoring environments and tools as well as how to employ them to perform basic analysis. I believe the most important content, though, is the educational foundation laid out for those looking to get into this fun field. Thank you to ISSW for having me and just running an all-around awesome con!

Monitoring & Analysis 101 – N00b to Ninja in 60 Minutes

Knowing how to perform basic monitoring and analysis can go a long way in helping infosec analysts do some foundational analysis to either crush the mundane or recognize when it’s time to pass the more serious attacks on to the big boys. This presentation covers environment options for making your network monitor-able, three quick steps to triage and analyze alerts, and integrated distros that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well… maybe not a “ninja” per se, but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of network monitoring and analysis.


Today’s post pic is from See ya!

2 comments for “SOC Monitoring & Analysis Slides from ISSW

  1. April 14, 2016 at 12:05 am

    BLOGGED: SOC Monitoring & Analysis Slides from ISSW

  2. April 14, 2016 at 12:11 am

    SOC Monitoring & Analysis Slides from #ISSW
