![[Search]](/static/images/search.gif){kind=small}
![[A-Z Index]](/static/images/az.gif){kind=small}
![[Contact]](/static/images/contact.gif){kind=small}
![[University of Cambridge]](/static/images/identifier2.gif){kind=small}
![[Talks.cam]](/static/images/talkslogosmall.gif)
Richard Bejtlich, TaoSecurity
Friday 19 May 2006, 16:00-17:00
Network Security Monitoring
- đ¤ Speaker: Richard Bejtlich, TaoSecurity
- đ Date & Time: Friday 19 May 2006, 16:00 - 17:00
- đ Venue: Room FW11, Computer Laboratory, William Gates Building
Questions? Contact
Stephen Lewis
Abstract
This presentation will introduce the tenets of network security monitoring (NSM) as defined and applied by Richard Bejtlich. Attendees will see how Bejtlich approaches incident detection and response by using statistical, session, full content, and alert data. The open source NSM suite Sguil (www.sguil.net) will be demonstrated via a free VMware image that attendees can try. Network-centric incident response and forensics issues will also be covered. Expect a lively discussion!
Series This talk is part of the Computer Laboratory Security Seminar series.
Included in Lists
- All Talks (aka the CURE list)
- bld31
- Cambridge talks
- Computer Laboratory Security Seminar
- Department of Computer Science and Technology talks and seminars
- Interested Talks
- Room FW11, Computer Laboratory, William Gates Building
- School of Technology
- Security-related talks
- Trust & Technology Initiative - interesting events
- yk449
Note: Ex-directory lists are not shown.