By now most attendees should have significantly recovered from Cisco Live 2014 which was held in San Francisco May 18th to 24th. It was certainly a fun filled, busy week for me and the Lancope StealthWatch System which in addition to being featured in Lancope’s booth had multiple other points of presence at the event.
The week for me started on Sunday May 18th with the Cisco Cyber Range Techtorial (TECSEC-2060) which was an all-day techtorial providing an overview of the wide range of technologies and processes that compose the Cisco Cyber Range including the Lancope StealthWatch System. This was the first time that the session was presented in the United States, having been presented the first time in March at Cisco Live Melbourne.
It was an interesting session with a wealth of information about the incident response process, attack methodologies and leveraging the different technologies to detect and mitigate attackers on the network. For more about the Cyber Range Techtorial visit - https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=79056
On Tuesday May 20th I hosted the breakout session “NetFlow Security Monitoring with Cisco Threat Defense” (BRKSEC-2073). This is the second year this session has been a part of Cisco Live and much of the content is derived from the Cisco Cyber Threat Defense Solution Cisco Validated Design along with some best practices on using the Lancope StealthWatch System in detecting and investigating advanced threats operating on the network interior. More information about this session can be found here - https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=78692
Also on Tuesday, Martin Nystrom and Michael Scheck from Cisco Computer Security Incident Response Team (CSIRT) presented “Cisco CSIRT: Enabling Investigations with NetFlow and Lancope’s StealthWatch System (BRKPCS-2035); where they walked through a cyber incident and the resulting investigation as discussed Cisco’s use of NetFlow and StealthWatch. More information about this session can be found here - https://www.ciscolive2014.com/connect/sessionDetail.ww?SESSION_ID=5784.
It was also possible to find StealthWatch included in multiple demo stations in the World of Solutions including the Cisco Cyber Range Demo, a demo of Cisco Cyber Threat Defense Solution and a PCI Compliance demo showcasing TrustSec and StealthWatch. StealthWatch was also leveraged inside the Cisco Live Network Operations Center to monitor the network and investigate security events.
Learn how Cisco's CSIRT leverages Lancope's StealthWatch System for information security montoring here.