Friday, July 13, 2012

Slides from Lockdown 2012

I had the pleasure of presenting at the University of Wisconsin's Lockdown 2012 Security Conference (http://www.cio.wisc.edu/lockdown-2012-presentations.aspx).  It was a great conference and I had interesting conversations with attendees and the other speakers.  Though small, year after year, the conference is able to attract important speakers who also present at Blackhat and RSA, so I encourage folks to check it out next year.

My presentation was titled "Detection is the New Prevention" and closely mirrored an earlier blog post of the same title.  The slide deck contains a lot of ELSA screenshots showing how ELSA and Big Data are critical when preventative measures fail.  Of particular note, I walk through some advanced ELSA features including how to setup local databases to leverage org-specific data in analytics.  I also walk through the basics of performing correlated searches in ELSA.

You can find the slides here: https://docs.google.com/open?id=0By1KXg1ivlIeN18yOWZ6a1dGTFk

You can also find slides from my YAPC:NA (Perl programmer's conference) which detail the inner-workings and design of ELSA here:  https://docs.google.com/open?id=0By1KXg1ivlIeQW1uYTZzV2FMX1E