Incident Response and Anomaly Detection Using Osquery
Attendees will learn about osquery and how it can be used to actively monitor an environment. The focus will be specifically on indicators of compromise and anomaly detection within an OpenStack environment. Additionally, I will demonstrate how to extend osquery using osquery-python and write custom query packs to detect flaws.
What can I expect to learn?
How to actively monitor a deployed OpenStack environment using osquery. Introduction to some security concepts around indicators of compromise and threat exchanges.
Technologies discussed:
- Python
- osquery
- Ansible for deployment
- Open Threat Exchange
- Splunk / ELK stack
Wednesday, October 26, 3:05pm-3:45pm (1:05pm - 1:45pm UTC)
Difficulty Level: Intermediate
Senior security architect
Grant is a Seattle-based security researcher and a member of the OpenStack Vulnerability Management Team.