Abstract: Small and medium-sized businesses (SMBs) do not always have the budget for an advanced intrusion detection system (IDS) technology. Open-source software can fill this gap, but these free solutions may not provide full coverage for known attacks, especially once the attacker is inside the perimeter. This presentation investigates the IDS capabilities of a stand-alone Security Onion device when combined with built-in event logging in a small Windows environment to detect malicious actors on the internal network.
Bio: Sean is a Senior Consultant in the Wolf & Company, P.C. Information Technology (IT) Assurance Services group, where he is responsible for coordinating and executing cybersecurity and IT audit services at client locations for financial, healthcare, educational and investment planning clients. Sean leads Wolf's security assessment and PCI DSS teams.
Related whitepaper: https://www.sans.org/reading-room/whitepapers/detection/attackers-walls-detecting-malicious-activity-39055