Building the Panopticon: Centralized Logging and Alerting With Free Tools

The goal of Jeremy Bentham's Panopticon was to allow a single watchman to observe everything going on in a large building. This is similar to what threat hunters and blue teamers want - a single point to observe all the potentially malicious activities happening on a network. This talk presents one toolset that can provide this visibility using a mixture of no-cost and open source tools deployed on commodity hardware.

Presented by