Session
Overall Data Management Strategies -- What Security Logs Do You Look At and Why?
Jacob Babbin, IDS Team Lead, Telos
Track: Security
Date: Thursday, August 4th, 2005
Time: 5:20pm - 6:05pm
Location: E144
Want to get meaningful data out of an organization's security logs? By using open source tools, an entire security reporting infrastructure can be created from an organization's security logs. This session explores:
IDS logs
By using more than one IDS platform to monitor your network, plus some imagination, an entire IDS reporting structure can be created.
Firewall logs
Aggregation and normalization of these logs can be used to demonstrate the perimeter defensive posture of a network.
Other logs
Technologies such as DNS blackholing and host redirection can be used to generate logs. These logs can be used to demonstrate the effects of malware on your network to management.
When combined with open source tools, an entirely automated reporting structure is created that can be leveraged to demonstrate a usable return on investment to management and outside groups.