Network Flow Data: A Cornucopia of Value - SANS Blue Team Summit

Published on 2019-07-30
Video Link: https://www.youtube.com/watch?v=RB7yIAWglmE



Duration: 44:19


Speaker: Andrew Laman, Founder & Principal Consultant, A4 InfoSec; Instructor, SANS Institute

Did you realize that many network devices, such as routers, offer a treasure trove of data that can be analyzed to find unusual traffic patterns and intrusion activities on your network? Sure, most diligent companies have intrusion detection systems and sensors, but even the best-tuned solutions miss malicious behavior due to blind spots like sensor placement and encrypted payloads.

Network flow data is a feature available on almost all networking products but is often overlooked as part of a defensible architecture. Need to hunt for lateral movement on a user segment that doesn't have a sensor? Flow data can provide visibility where other solutions fail. Come join me to learn tips for taking advantage of already available data.

SANS Summit schedule: http://www.sans.org/u/DuS

The Blue Team Summit features presentations and panel discussions covering actionable techniques, new tools, and innovative methods that help cyber defenders improve their ability to prevent and detect attacks.






