Lancope’s director of security research, Tom Cross, and senior systems engineer, Charles Herring, will present at the SANS Digital Forensics and Incident Response (DFIR) Summit in Austin, Texas next week. The two will demonstrate how to leverage network audit trails to hunt for cyber attackers.
Sophisticated, targeted attacks have become increasingly difficult to detect and analyze. Reports cataloging trends in data breaches reveal a systematic problem in organizations’ ability to detect that they ever occurred. The Lancope presenters will discuss how network logging technologies such as NetFlow and IPFIX can be used to create an audit trail of network activity to uncover anomalous traffic associated with advanced attacks.
The presentation, “Hunting Attackers with Network Audit Trails,” will take place on Tuesday, July 9 at 5:00 p.m. For more information, go to: http://www.sans.org/event/dfir-summit-2013/. Further details on Lancope’s forensics and incident response capabilities can be found here.
TAGS netflow, network security, lancope, network visibility, advanced threats, forensics, incident response, ipfix, network audit trail