BSides Austin 2018 has ended
Thursday, March 8 • 1:30pm - 2:30pm
50 Shades of Graylog

Abstract: Everywhere you turn, there’s a vendor trying to sell you the latest in “AI-powered triple-next-gen threat detection.” While some of these solutions may hold up to the claims, it’s becoming more and more difficult to tell apart truly effective solutions from overhyped marketing. Worst of all, the average cost for good or bad enterprise defense technologies is somewhere between ‘unaffordable’ and ‘is that even a real number?’

This is the talk SIEM vendors don’t want you to attend. We’ll explore some incredible open source solutions that you can implement to not only add significant value to your detection efforts, but even provide active defense capabilities. I encourage you to reach out to your vendor of choice and get a quote for “magic box that can detect and then automatically defend from attacks.” Take the amount they quote you and use it to hire 4 new FTEs, get a new RedBull machine for the SOC, send your entire team to ShmooCon 2019, buy yourself something nice, and then donate the rest to the open source projects I’ll share with you in this deep dive.

Eric Capuano

CTO, Recon InfoSec
Eric Capuano injects his passion for forensics into every facet of his life. "There is nothing dull or boring about studying advanced adversarial tactics in an effort to become a highly effective defender," he says, comparing this work to a never-ending game of chess where the impacts...

Thursday March 8, 2018 1:30pm - 2:30pm CST
Big Tex Auditorium