Overall Data Management Strategies -- What Security Logs Do You Look At and Why?
Jacob Babbin, IDS Team Lead, Telos
Date: Thursday, August 4th, 2005
Time: 5:20pm - 6:05pm
Want to get meaningful data out of an organization's security logs? By using open source tools, an entire security reporting infrastructure can be created from an organization's security logs. This session explores:
With more than one IDS platform monitoring your network, and some imagination, an entire IDS reporting structure can be created.
Aggregation and normalization of these logs can be used to demonstrate the net perimeter defensive posture of a network.
Technologies such as DNS blackholing and host redirection can be used to generate logs. These logs can be used to demonstrate the effects of malware on your network to management.
When combined with open source tools, an entirely automated reporting structure is created that can be leveraged to demonstrate a usable return on investment to management and outside groups.