Building the Panopticon: Centralized Logging and Alerting With Free Tools

BSidesROC 2018

Presented by: Matthew Gracie
Date: Saturday April 14, 2018
Time: 09:00 - 09:50
Location: Track 2

The goal of Jeremy Bentham's Panopticon was to allow a single watchman to observe everything going on in a large building. This is similar to what threat hunters and blue teamers want - a single point to observe all the potentially malicious activities happening on a network. This talk presents one toolset that can provide this visibility using a mixture of no-cost and open source tools deployed on commodity hardware.

Matthew Gracie

Matthew Gracie has over a decade's experience in information security, working to defend networks in higher education, manufacturing, and financial services. He currently works as a Security Analyst for AIX Group, a Hanover Insurance company. He enjoys good beer, mountain bikes, Debian-based Linux distributions, and college hockey, and can be found on Twitter as @InfosecGoon.

