This Thursday, June 20, Lancope Senior Systems Engineer, Charles Herring, will speak at the Information Systems Security Association (ISSA) Motor City Chapter Meeting on the topic of incident response and forensics. Modern network security requires surveillance that goes beyond monitoring ingress and egress points. As attacks become more sophisticated and targeted, detailed audit trails of internal communications need to be efficiently cataloged to provide a basis for incident response.
During his presentation, Herring will review how network logging technologies such as NetFlow and IPFIX can be used to create an audit trail of network activity. This audit trail can then be used to create detailed forensic timelines of security events, determine the impact of the events and discern the attack vectors used in circumventing security controls.
As a senior systems engineer, Herring focuses on assisting operators of Lancope’s StealthWatch System in detecting and responding to advanced security threats. Prior to joining Lancope, he spent 10 years on active duty with the U.S. Navy. His last position in the Navy was as the lead network security analyst for the Naval Postgraduate School. After leaving the Navy, Herring spent six years consulting with the U.S. Federal government, as well as serving as a contributing network security product reviewer for the InfoWorld Test Center.
Click here for more information on the ISSA Motor City Chapter Meeting and the Lancope presentation, “Incident Response and Forensics with NetFlow.” For further details on Lancope’s solutions for incident response and forensics, go to: http://www.lancope.com/solutions/security-operations/forensics/.
TAGS netflow, network security, lancope, network visibility, forensics, incident response, ipfix, network audit trail