Logs vs Insiders
1. Santa Clara Convention Center, January 27 – 31, 2008
All The Technologies – One Great Place To Meet!
Dr Anton Chuvakin, Chief Logging Evangelist, LogLogic
Log Data: The Weapon Of Choice To Thwart Insider Threats
Editor's Notes
Title: Log Data: The Weapon Of Choice to Thwart Insider Threats

Description: Insider threats are always of concern to organizations. There is a way to track insider activity to provide a continuous fingerprint of everything that happens within the security perimeter. All users, whether trusted and non-malicious or malicious, leave traces of their activity in logs. As Anton Chuvakin will discuss, by analyzing these logs, organizations can gain insight into insider behavior and activity and can help investigate, detect, or even predict and prevent insider attacks.

Outline:
Basics on “insider threats”
  Types, research, past work (sheer amount of it!), etc
Why “insider problem” is hard
  Can’t be solved by technology alone
  Also, hard to assess the scale
Block vs log: control vs accountability
Logs vs insiders
Types of logs
Case study
Conclusion
  TRACK, not FIGHT insiders with technology
  Fight them with non-technology means, after you “got them”