Hunting attackers with network audit trails

    1. Location
      Technical Theatre

Hunting attackers with network audit trails

01 May 2014, 12:00 - 12:25

Technical Theatre

Language:
English

Sophisticated, targeted attacks have become increasingly difficult to detect and analyse. In order to detect breaches more effectively, organisations must look beyond the perimeter and understand what is going on inside their networks. This session will demonstrate how network logging technologies such as NetFlow and IPFIX can be used to detect advanced attacks inside the network, dramatically improving forensic investigations and incident response. 

  • Understand why sophisticated attackers are able to subvert perimeter network defences
  • Discover how standard network logging technologies such as NetFlow and IPFIX work and how to enable them on popular networking equipment
  • Be aware of open source and commercial NetFlow collection solutions and how to use them to analyse network traffic
  • Understand how to discover and investigate attacks within network audit trails
  • Find out how to apply threat intelligence gleaned from incident investigations to protect an organization against future attacks

Contributors

  • Tom Cross

    Speaker

    Director of Security Research

    Lancope

    Tom Cross is Director of Security Research at Lancope, where he works on advancing the state of the art in network behavioral anomaly detection. He...

Documents

  • Lancope presentation 3.69 MB

    Hunting attackers with network audit trails, Tom Cross, Director of Security Research, Lancope

    15 May 2014

CPD & CPE Credits

  1. CPD & CPE Credits Attending this session will entitle you to receive ½ CPE/CPD credit

Business Issues Covered

Ensure information security projects demonstrate return on investment. Identify internal and external threats and keep a business secure.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.