Update 2014-03-14
Here’s a link to the video: https://www.youtube.com/watch?v=SVKcFhyGqcY.

Update 2014-01-17
Holy wow, I just found this in my drafts folder! I obviously meant to publish it a few months ago, but somehow didn’t. Normally I’d just skip it and not bother, but it does have a link to my ESM presentation video, which I think some people might find useful. It’s better if I just fess up. Yup, I was an idiot.

Yesterday, I was lucky enough to attend the inaugural BSidesAugusta in Augusta, GA. This was a fantastic, high-energy event with a lot of great talks. I spoke on the Blue Team track about many of the themes I’ve blogged about already, plus a lot more that have been baking.

My talk was entitled “Enterprise Security Monitoring”, and covers not only the themes I’ve blogged here already, but a lot of other stuff that I’ve been working on but haven’t yet had a chance to write up. I had several people ask me if I could make my slides available, so here they are.

The talk was also recorded, so I’ll post a link to the YouTube video when it’s available. You can also expect a blog post sometime in the next few days to explain this concept a bit more. Finally, I’ll also be giving an updated version of this talk next month at BSidesDC, so if you didn’t catch me in Georgia, come to Our Nation’s Capital and see me there!

