YouTube video recording of my "Looking for the Weird: Detecting Bad Traffic and Abnormal Network Behavior" webinar for Lancope. This was given on 9/24/2014.
My presentation deck from Converge Conference can be downloaded here.
Summary of the features in StealthWatch 6.5 that protect sensitive data from theft by insider threat or advanced attack.
Some organizations have chosen to adopt a "plausible deniability" strategy for InfoSec. This article outlines some methods of helping these organizations move to a safer security practice.
The final installment of the NBAD series covering relationship anomaly detection.
3 dangerous "lessons" that have come from Target Breach discussions that we need to quickly unlearn.
Part 4 of the NBAD series on host anomaly detection.
Hospitals are under attack from cyber criminals and state-sponsored attackers. This article reviews the cause of, and some remedies for, the poor state of InfoSec in healthcare.
Third part of the network behavioral anomaly detection (NBAD) series on the role of behavioral detection.
April 16 - InfoTec Omaha - Done
April 26 - BSides Chicago - Done
May 13 - Secure360 St. Paul - Done
July 11 - Converge Detroit - Done
September 24 - Lancope Webinar - Done
October 15 - Lancope Vision Atlanta - Done
October 16/17 - GrrCon Grand Rapids - Done
October 30 - Minnesota ISSA
Created and maintained by Charles Herring (Fish/F15hb0wn), this site provides an outlet for his ideas on advanced threat detection and forensics through network behavioral anomaly detection (NBAD), NetFlow analysis and efficient cyber security policy, procedures and architecture.
Charles started his career in InfoSec in 2002 as a network security analyst and network security officer within the US Navy. He has labored as a network security product tester for InfoWorld Magazine, led a technology consulting firm and currently serves as Consulting Security Architect for Lancope.
Charles spends most of his time consulting with Fortune 2000 companies in the Midwest US on detecting and mitigating advanced, sophisticated attacks that leverage 0day exploits and insider threats.