OSSEC at the Rochester Security Summit
I recently blogged about the Rochester Security Summit to be held October 28 and 29 in Fairport, NY. I’ll be presenting “OSSEC in the Enterprise.” Here are the details of the presentation:
It’s 2AM and you’re sleeping soundly. Meanwhile, an attacker has fingerprinted your systems, exploited your web server and is now moving on to other systems. He’s leaving footprints along the way. Your logs are trying to warn you. Are you listening?
Join Michael Starks in a lively discussion about how OSSEC, an open-source HIDS (host-based intrusion detection system), can help you to:
- Identify policy violations, such as the installation of unauthorized software
- Identify weak system settings that could leave you open to attack
- Detect Unix-based rootkits, both known and unknown
- Detect Windows alternate data streams
- Know when your firewall config changes and what changed
- Assist in forensics investigations by providing secured MD5/SHA1 checksums of system files
- Block attackers in near real-time across the enterprise
- Meet compliance needs across a broad spectrum, including PCI, HIPAA, SoX and ISO 27001
All of this and more can be accomplished with the free OSSEC HIDS. Whether you’re a one-person small business or an international organization with offices across the world, OSSEC is designed to scale to meet your needs. In this informative presentation, Michael will discuss some of the fundamentals of log management, then move right into the technical details of how OSSEC can be implemented in your company, even in under an hour. Finally, you’ll be able to see OSSEC detect and block attackers in real-time. Isn’t it about time you started listening to your logs?
If you’re able to attend, please walk up and introduce yourself!