Monitoring for malicious activity and handling the resulting alerts is vital to the success of a defensive security program. Powerful, centralized logging is available to all of us, but it is only useful if we understand and take action on the data collected.
This talk will discuss tools everyone should consider using to monitor their infrastructure, including Elasticsearch, and the process by which users can create a reliable logging pipeline to handle data from thousands of hosts. Ryan and Nate will demonstrate how to scale these efforts by integrating security into a communication platform that helps users look at more data by delegating event management to the affected individuals directly.
Senior Staff Security Engineer
Manager of Security Operations