1 CompTIA CEU: A+, Network+, Security+, Cloud+, CSA+, and CASP; 1 GIAC CPE
In this presentation, Doug Burks discusses Security Onion, a free Linux distro for intrusion detection, network security monitoring, and log management. To successfully monitor and defend modern networks against modern adversaries, we can’t just rely on the traditional intrusion detection approach. We must add transaction data (DNS logs, HTTP logs, SSL logs, etc.), session data, full packet capture, and host data to provide the telemetry needed to detect modern adversaries.
1. Intrusion Detection
2. Network Security Monitoring
3. Log Management