Performing Your Own Dentistry -- Challenges, Unknowns, and What is Overlooked in Security Log Collection
So you've finally decided to start collecting your security logs--now what? What do you know and not know about your network? Are all of your partners able to help out? Are you prepared to find out things about your organisation that you were not aware of?
This talk will go over the challenges and unknowns faced when you implement log collection or SIEM software. It will also discuss some of the oddities that have been faced when collecting data: everything from appliances sending inconsistently-formatted software to what consultants and vendors overlook or fail to mention about your implementation, things you don't want to do, and how not to panic. This is a talk straight from the trenches of collecting data for an organisation that not only has to protect corporate assets but also ensure the safety of its employees due to the use of industrial control.
Cariad Keigher is a Senior Security Analyst at one of Canada's largest diversified natural resources companies. She has worked in the information security field for almost a decade and believes in the use of a community-based approach to data sharing. Previously she has spoken at BSides Vancouver on retrieving personal information from social media and was invited to Facebook's main campus in Menlo Park to present on analyzing breach data. She can be found on Twitter as @KateLibC.