DerbyCon Review / SIEM Management

DerbyCon was amazing as usual.  I can’t recommend the conference enough.

The most useful talk for me was Ryan Voloch’s talk on SIEM management.  I have experience deploying Splunk as a security monitoring solution.  Ryan’s talk focused on managing use cases / searched.  Prior to the talk, I had a note pad for my ideas and used my employer’s ticket system for external requests.  It worked but wasn’t elegant.  I’m in the process of deploying a larger Splunk monitoring solution.  I’m testing the template.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s