Logging ALL THE THINGS Without All The Cost With Open Source Big Data Tools </buzzwords>

DEF CON 22

Presented by: Zack Fasel
Date: Saturday August 09, 2014
Time: 12:00 - 12:00
Location: Track 1

Many struggle in their job with the decision of what events to log in battle against costly increases to their licensing of a commercial SIEM or other logging solution. Leveraging the open source solutions used for "big-data" that have been proven by many can help build a scalable, reliable, and hackable event logging and security intelligence system to address security and (cringe) compliance requirements. We’ll walk through the various components and simple steps to building your own logging environment that can extensively grow (or keep sized just right) with just additional hardware cost and show numerous examples you can implement as soon as you get back to work (or home).

Zack Fasel

Zack Fasel is a Founding Partner at Urbane Security, a solutions-focused vendor-agnostic information security services firm focusing on providing innovative defense, sophisticated offense and refined compliance services. Heading up Urbane's Research and Security Services divisions, Zack brings his years of diverse internal and external experience to drive Urbane's technical solutions to organizations top pain points. His previous research and presentations at conferences have spread across numerous domains including Windows authentication flaws, femtocells, open source defensive security solutions and unique network and application attack vectors. When not selling out, he can be found lost in the untz unce wubs, dabbling in instagram food photography, or eating scotch and drinking gummy bears (that's right, right?). More information on him can be found at zfasel.com and on Urbane Security at UrbaneSecurity.com.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats