The ability to detect malicious activity across an organization’s computing infrastructure is an ongoing problem we face as information security practitioners. Where can an organization start when building a threat detection program? How can an organization gain threat detection intelligence using free tools? This presentation will address these questions and provide initial steps taken toward developing a threat detection program. Our darknet sensor data comes from dropped packets logged by iptables and collected by OSSEC. We use ossec-reportd to generate reports from across our infrastructure. These data are imported into R for statistical computing and graphics.

OUTCOMES:
* Learn about implementing a threat detection program
* Learn about importing OSSEC data into R
* Learn introductory R concepts for creating security metrics
SOURCE: Educause
Webinars & Presentations