Extracting Forensic Evidence from Computer Logs

LogRhythm : 30 April, 2010  (Technical Article)
Experts from LogRhythm and SANS present a webinar on the use of network logs for developing evidence for apprehending hackers
LogRhythm and SANS are running a free webinar on the use of network log forensics for the discovery and identification of hackers.

The webinar will be run by Jonathan Ham, a certified SANS instructor with CISSP, GSEC, GCIA, and GCIH certifications and a member of the GIAC Advisory Board. An independent consultant who specializes in large-scale enterprise security projects, he has worked with public and private clients for the past 12 years, from upstarts to Fortune 500 enterprises. Jonathan has taught NCIS investigators how to use Snort, chartered and trained the CIRT (Computer Incident Response) for one of the largest U.S. civilian federal agencies, and more.

Co-presenter Rich Bakos has over a decade of experience designing, implementing, managing and securing IT networks. In his role as Senior Systems Engineer at LogRhythm, Rich has designed and architected log and security event management solutions for leading organizations in a variety of industries and government sectors. Rich is a frequent speaker at industry events.

There is a wealth of forensic evidence in every network environment, generated by routers, firewalls, IDS/IPS, operating systems, wireless access points, web proxies, etc., in the form of system logs. Whether an outsider has breached the network or a privileged user has committed insider fraud, traces of their activity are captured in logs. In order to reconstruct an incident, finger the culprit, and assess damages, forensics investigators must be able to identify and correlate network logs from multiple sources, and analyze them to build their case. In this webinar, attendees will learn from two experts:

-- Where to gather forensics evidence
-- What events to look for
-- How to correlate data from different sources to trace malicious activity
-- Analysis methods for establishing probable cause in a court of law