Saturday, March 28 • 10:30am - 11:30am
Connecting the Dots, Detecting Threats, and Protecting the Enterprise With Security Onion

Have you ever wanted to know how to use blinky light boxes to hacker-proof your enterprise computer network? Throughout this presentation, we'll cover topics like cyber-impenetrability, foolproof attribution, and how to keep attackers from ever coming close to your crown jewels. Our discussion will even include plans for building and configuring a next-generation firewall capable of not only stopping attackers in their tracks, but making them shake in their cyber boots, and work for you! If this all sounds too good to be true (or a very bad vendor sales pitch), that's because it is! We absolutely WILL NOT discuss these items, but something much more valuable -- context. While there's no silver bullet approach to keeping bad guys at bay, with the proper tools and training, we can use contextual information from our network traffic and host-based telemetry to connect the dots, and build otherwise unrealized relationships amongst our data. This allows us to paint a better picture of our adversaries and their actions (or Joe in Accounting and his unsavory habits), assisting us in detection of threats, and allowing us to better protect our network.

While there are many excellent free and open source pieces of software to help us gather contextual data, we will discuss the tools and data provided by Security Onion, a platform for enterprise-scale security monitoring, intrusion detection, threat hunting, and log management. Aside from just tools and data, we will also cover an introduction to the architecture and use cases for Security Onion. Finally, we'll finish with an overview of additional opportunities for detection development, integration with other popular open source tools, and provide additional insight into the future of Security Onion development. Overall, attendees should walk away with a better understanding of how they can peel back the layers of their enterprise, and make their adversaries cry.


Wes Lambert

Director of Support and Professional Services, Security Onion Solutions
Wes Lambert is the Director of Support and Professional Services at Security Onion Solutions, where he helps companies to implement enterprise security monitoring solutions and better understand their computer networks. He is a huge fan of open source software projects, and loves...

Saturday March 28, 2020 10:30am - 11:30am EDT
'Detect' track 3333 Busbee Dr NW, Kennesaw, GA 30144, USA