Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
Tuesday, August 5 • 14:35 - 15:05
Cut the sh**: How to reign in your IDS.


Intrusion detection systems, Network Security Monitoring. All too often, these countermeasures are portrayed as the ‘boy who cried wolf’, the magical box with blinking lights that does nothing but get the checkbox from $COMPLIANCE_AUDITOR, or that data that gets logged to your magical SIEM somewhere, and is never heard from again. I’m here to show you how to actually cut the shit on your IDS, get actionable intelligence, and make yourself the hunter, instead of the hunted.

This talk will primarily be focused around Snort and Suricata, since for the sake of this talk, they operate about the same, and they are where I got most of my battle scars. I’ll also be introducing resources for standing up your own sensors quickly, and cutting the shit rapidly.

Speakers

Tony Robinson/da_667

Tony Robinson (@da_667) was a born and raised Detroiter. His background in IDS came from the school of hard knocks at Sourcefire (now a part of Cisco) as both a Technical Support Engineer and a Professional Services Consultant. He now works for a large, unnamed power company, actively defending your SCADAs.


Tuesday August 5, 2014 14:35 - 15:05
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV
