BSidesSF 2019 has ended
Monday, March 4 • 3:30pm - 4:00pm
Collect All the Data; Protect All the Things

Blue teaming has not, up until this point, received the same applause and attention that red teaming has, but the tide is changing. The realization that the charge to "protect all the things, all the time" requires the collection and analysis of all the data is creating the conditions to "bring the sexy" to the blue team.
This talk covers the application of different methods to collect, analyze, and correlate multiple types of data as well as the use of machine learning to generate behavioral anomalies that are incorporated into overall continuous monitoring capabilities. This is not a vendor talk, and with very few exceptions all methods and tools discussed are open source and free; the focus is on the application of concepts.


Aaron Rosenmund

I am a full-time author with Pluralsight focusing on security operations and incident response. With that position, I conduct “In the field” incident response focused research and produce mostly advanced level video courses and demonstration content for Pluralsight. I am also...

Monday March 4, 2019 3:30pm - 4:00pm PST
Theater 14 (overflow in #10)