Log Forensics from CEIC 2007

Anton Chuvakin
Security Strategy
May. 15, 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
Log Forensics from CEIC 2007
1 of 16

Log Forensics from CEIC 2007

May. 15, 2007
Business
Technology

Log Forensics TEASER presentation from CEIC 2007

Anton Chuvakin
Security Strategy

Recommended

CONFidence 2007 Log Forensics TEASER PresoCONFidence 2007 Log Forensics TEASER Preso
CONFidence 2007 Log Forensics TEASER PresoAnton Chuvakin1.4K views13 slides
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008guestc0c304269 views41 slides
Logs vs InsidersLogs vs Insiders
Logs vs InsidersAnton Chuvakin1.3K views30 slides
All Anton's Top11 Log ListsAll Anton's Top11 Log Lists
All Anton's Top11 Log ListsAnton Chuvakin1.6K views6 slides
Hacker's jargonsHacker's jargons
Hacker's jargonsPavan M247 views36 slides
Open stack security emea launchOpen stack security emea launch
Open stack security emea launchJoshua McKenty542 views31 slides

More Related Content

Viewers also liked

Business setup services dubaiBusiness setup services dubai
Business setup services dubaidaralmazayadxb207 views14 slides
高齢者孤独死防止アプリ高齢者孤独死防止アプリ
高齢者孤独死防止アプリsasaki-ryo740 views7 slides
Marges et organisation : une approche critique et politique au regard du genreMarges et organisation : une approche critique et politique au regard du genre
Marges et organisation : une approche critique et politique au regard du genreVirginie Martin225 views138 slides
APS Presentation2015APS Presentation2015
APS Presentation2015Sarah Adamson Grimmer85 views1 slide
ResumeResume
ResumeYusuf Shaikh636 views3 slides
5 Secrets To Improve ITSM Profitability5 Secrets To Improve ITSM Profitability
5 Secrets To Improve ITSM ProfitabilityMarc Gourvenec84 views22 slides

Viewers also liked(8)

Business setup services dubaiBusiness setup services dubai
Business setup services dubai
daralmazayadxb207 views
高齢者孤独死防止アプリ高齢者孤独死防止アプリ
高齢者孤独死防止アプリ
sasaki-ryo740 views
Marges et organisation : une approche critique et politique au regard du genreMarges et organisation : une approche critique et politique au regard du genre
Marges et organisation : une approche critique et politique au regard du genre
Virginie Martin225 views
APS Presentation2015APS Presentation2015
APS Presentation2015
Sarah Adamson Grimmer85 views
ResumeResume
Resume
Yusuf Shaikh636 views
5 Secrets To Improve ITSM Profitability5 Secrets To Improve ITSM Profitability
5 Secrets To Improve ITSM Profitability
Marc Gourvenec84 views
[RU] Sustainable Financing of National HIV Responses – Lessons Learnt[RU] Sustainable Financing of National HIV Responses – Lessons Learnt
[RU] Sustainable Financing of National HIV Responses – Lessons Learnt
UNDP Eurasia890 views
Economics review with answersEconomics review with answers
Economics review with answers
jpaone761.3K views

Similar to Log Forensics from CEIC 2007

Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinUsing Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinAnton Chuvakin2.9K views32 slides
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008Anton Chuvakin2.9K views41 slides
Logs for Information Assurance and Forensics @ USMALogs for Information Assurance and Forensics @ USMA
Logs for Information Assurance and Forensics @ USMAAnton Chuvakin1.1K views31 slides
Six Mistakes of Log Management 2008Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008Anton Chuvakin2.1K views31 slides
Power of logs: practices for network securityPower of logs: practices for network security
Power of logs: practices for network securityInformation Technology Society Nepal392 views37 slides
CSI NetSec 2007 Six MIstakes of Log Management by Anton ChuvakinCSI NetSec 2007 Six MIstakes of Log Management by Anton Chuvakin
CSI NetSec 2007 Six MIstakes of Log Management by Anton ChuvakinAnton Chuvakin2.1K views13 slides

Similar to Log Forensics from CEIC 2007(20)

Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinUsing Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Anton Chuvakin2.9K views
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008
Logs for Incident Response and Forensics: Key Issues for GOVCERT.NL 2008
Anton Chuvakin2.9K views
Logs for Information Assurance and Forensics @ USMALogs for Information Assurance and Forensics @ USMA
Logs for Information Assurance and Forensics @ USMA
Anton Chuvakin1.1K views
Six Mistakes of Log Management 2008Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008
Anton Chuvakin2.1K views
Power of logs: practices for network securityPower of logs: practices for network security
Power of logs: practices for network security
Information Technology Society Nepal392 views
CSI NetSec 2007 Six MIstakes of Log Management by Anton ChuvakinCSI NetSec 2007 Six MIstakes of Log Management by Anton Chuvakin
CSI NetSec 2007 Six MIstakes of Log Management by Anton Chuvakin
Anton Chuvakin2.1K views
Log Management For e-Discovery, Database Monitoring and Other Unusual UsesLog Management For e-Discovery, Database Monitoring and Other Unusual Uses
Log Management For e-Discovery, Database Monitoring and Other Unusual Uses
Anton Chuvakin1.3K views
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?
Anton Chuvakin6.2K views
Audit logs for Security and ComplianceAudit logs for Security and Compliance
Audit logs for Security and Compliance
Anton Chuvakin4.5K views
Baselining LogsBaselining Logs
Baselining Logs
Anton Chuvakin4.5K views
What does "monitoring" mean? (FOSDEM 2017)What does "monitoring" mean? (FOSDEM 2017)
What does "monitoring" mean? (FOSDEM 2017)
Brian Brazil2.4K views
Incident Response FailsIncident Response Fails
Incident Response Fails
Michael Gough6 views
Log Mining: Beyond Log AnalysisLog Mining: Beyond Log Analysis
Log Mining: Beyond Log Analysis
Anton Chuvakin20.7K views
FIRST 2006 Full-day Tutorial on Logs for Incident ResponseFIRST 2006 Full-day Tutorial on Logs for Incident Response
FIRST 2006 Full-day Tutorial on Logs for Incident Response
Anton Chuvakin1.6K views
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
Anton Chuvakin934 views
Log Standards & Future Trends by Dr. Anton ChuvakinLog Standards & Future Trends by Dr. Anton Chuvakin
Log Standards & Future Trends by Dr. Anton Chuvakin
Anton Chuvakin2.2K views
NIST 800-92 Log Management Guide in the Real WorldNIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real World
Anton Chuvakin8.9K views
Drop, Stop & RollDrop, Stop & Roll
Drop, Stop & Roll
John Hoffoss655 views
Itet2 its counter reconItet2 its counter recon
Itet2 its counter recon
Morten Nielsen210 views
Making Logs Sexy Again: Can We Finally Lose The Regexes?Making Logs Sexy Again: Can We Finally Lose The Regexes?
Making Logs Sexy Again: Can We Finally Lose The Regexes?
Anton Chuvakin2.4K views

More from Anton Chuvakin

SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...Anton Chuvakin16 views22 slides
SOC Lessons from DevOps and SRE by Anton ChuvakinSOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton ChuvakinAnton Chuvakin248 views18 slides
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothHey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothAnton Chuvakin130 views10 slides
20 Years of SIEM - SANS Webinar 202220 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 2022Anton Chuvakin271 views21 slides
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton ChuvakinAnton Chuvakin379 views25 slides
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsAnton Chuvakin279 views14 slides

More from Anton Chuvakin(20)

SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
SANS Webinar: The Future of Log Centralization for SIEMs and DFIR – Is the En...
Anton Chuvakin16 views
SOC Lessons from DevOps and SRE by Anton ChuvakinSOC Lessons from DevOps and SRE by Anton Chuvakin
SOC Lessons from DevOps and SRE by Anton Chuvakin
Anton Chuvakin248 views
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 BoothHey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Hey SOC, Look LEFT! by Anton Chuvakin RSA 2023 Booth
Anton Chuvakin130 views
20 Years of SIEM - SANS Webinar 202220 Years of SIEM - SANS Webinar 2022
20 Years of SIEM - SANS Webinar 2022
Anton Chuvakin271 views
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
10X SOC - SANS Blue Summit Keynote 2021 - Anton Chuvakin
Anton Chuvakin379 views
SOCstock 2020 Groovy SOC Tunes aka Modern SOC TrendsSOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
SOCstock 2020 Groovy SOC Tunes aka Modern SOC Trends
Anton Chuvakin279 views
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
Anton Chuvakin424 views
Modern SOC Trends 2020Modern SOC Trends 2020
Modern SOC Trends 2020
Anton Chuvakin750 views
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton Chuvakin339 views
Generic siem how_2017Generic siem how_2017
Generic siem how_2017
Anton Chuvakin1K views
Tips on SIEM Ops 2015Tips on SIEM Ops 2015
Tips on SIEM Ops 2015
Anton Chuvakin364 views
Five SIEM Futures (2012)Five SIEM Futures (2012)
Five SIEM Futures (2012)
Anton Chuvakin607 views
RSA 2016 Security Analytics PresentationRSA 2016 Security Analytics Presentation
RSA 2016 Security Analytics Presentation
Anton Chuvakin494 views
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Anton Chuvakin10K views
Five Best and Five Worst Practices for SIEM by Dr. Anton ChuvakinFive Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Five Best and Five Worst Practices for SIEM by Dr. Anton Chuvakin
Anton Chuvakin14K views
Practical Strategies to Compliance and Security with SIEM by Dr. Anton ChuvakinPractical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Practical Strategies to Compliance and Security with SIEM by Dr. Anton Chuvakin
Anton Chuvakin3.4K views
SIEM Primer:SIEM Primer:
SIEM Primer:
Anton Chuvakin4.7K views
Log management and compliance: What's the real story? by Dr. Anton ChuvakinLog management and compliance: What's the real story? by Dr. Anton Chuvakin
Log management and compliance: What's the real story? by Dr. Anton Chuvakin
Anton Chuvakin1.5K views
On Content-Aware SIEM by Dr. Anton ChuvakinOn Content-Aware SIEM by Dr. Anton Chuvakin
On Content-Aware SIEM by Dr. Anton Chuvakin
Anton Chuvakin1.7K views
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton ChuvakinMaking Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Making Log Data Useful: SIEM and Log Management Together by Dr. Anton Chuvakin
Anton Chuvakin2.6K views

Recently uploaded

IMD World Talent Report 2023.pdfIMD World Talent Report 2023.pdf
IMD World Talent Report 2023.pdfPaperjam_redaction723 views1 slide
Marv Wexler - Transform Your with AI.pdfMarv Wexler - Transform Your with AI.pdf
Marv Wexler - Transform Your with AI.pdfSOLTUIONSpeople, THINKubators, THINKathons179 views22 slides
The CMO Survey - Highlights and Insights Report - Fall 2023The CMO Survey - Highlights and Insights Report - Fall 2023
The CMO Survey - Highlights and Insights Report - Fall 2023christinemoorman23 views80 slides
Online Giving Trends (3).pdfOnline Giving Trends (3).pdf
Online Giving Trends (3).pdfBloomerang27 views48 slides
Biotech Fundraising in a DownturnBiotech Fundraising in a Downturn
Biotech Fundraising in a DownturnVolker Hirsch46 views16 slides
goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...
goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...Bloomerang129 views80 slides

Recently uploaded(20)

IMD World Talent Report 2023.pdfIMD World Talent Report 2023.pdf
IMD World Talent Report 2023.pdf
Paperjam_redaction723 views
Marv Wexler - Transform Your with AI.pdfMarv Wexler - Transform Your with AI.pdf
Marv Wexler - Transform Your with AI.pdf
SOLTUIONSpeople, THINKubators, THINKathons179 views
The CMO Survey - Highlights and Insights Report - Fall 2023The CMO Survey - Highlights and Insights Report - Fall 2023
The CMO Survey - Highlights and Insights Report - Fall 2023
christinemoorman23 views
Online Giving Trends (3).pdfOnline Giving Trends (3).pdf
Online Giving Trends (3).pdf
Bloomerang27 views
Biotech Fundraising in a DownturnBiotech Fundraising in a Downturn
Biotech Fundraising in a Downturn
Volker Hirsch46 views
goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...
goodmakerU & Bloomerang Webinar _The Keys to a record breaking Year-End Fundr...
Bloomerang129 views
WAM Deck Sep_2023.pdfWAM Deck Sep_2023.pdf
WAM Deck Sep_2023.pdf
Western Alaska Minerals Corp.221 views
TSX-V_WIL_2021-DATA.KRESTON.VN.pdfTSX-V_WIL_2021-DATA.KRESTON.VN.pdf
TSX-V_WIL_2021-DATA.KRESTON.VN.pdf
ThuPhng2610228 views
RDR BP PC V3RDR BP PC V3
RDR BP PC V3
PrabhjotSingh81894941 views
PersonalBrandCanvasPersonalBrandCanvas
PersonalBrandCanvas
Aariana134 views
Crypto Quantum Leap Crypto Quantum Leap
Crypto Quantum Leap
Hifra24 views
GEMSTONEGEMSTONE
GEMSTONE
KaifKhan72346220 views
Mariia Abdullina and Yana Bort: Як обʼєднати багатокомпонентний ентерпрайз на...Mariia Abdullina and Yana Bort: Як обʼєднати багатокомпонентний ентерпрайз на...
Mariia Abdullina and Yana Bort: Як обʼєднати багатокомпонентний ентерпрайз на...
Lviv Startup Club28 views
Fixing Your OKRs With Agility – Agile Indy 2023Fixing Your OKRs With Agility – Agile Indy 2023
Fixing Your OKRs With Agility – Agile Indy 2023
Yuval Yeret103 views
2011-2017: NTN Americas Town Hall Meeting & Leadership Academy 2011-2017: NTN Americas Town Hall Meeting & Leadership Academy
2011-2017: NTN Americas Town Hall Meeting & Leadership Academy
TETSUYA SOGO4.5K views
9.27.23 Nonprofit Success Slides - HBerger.pdf9.27.23 Nonprofit Success Slides - HBerger.pdf
9.27.23 Nonprofit Success Slides - HBerger.pdf
Bloomerang68 views
Copy of Helping You Hire Remote Developers & Accountants.pdfCopy of Helping You Hire Remote Developers & Accountants.pdf
Copy of Helping You Hire Remote Developers & Accountants.pdf
AV Tech Smart Solutions Ltd19 views
FINAL_Bloomerang Volunteer .pdfFINAL_Bloomerang Volunteer .pdf
FINAL_Bloomerang Volunteer .pdf
Bloomerang55 views
Noriega_Sebastian_MBBS_PB1_2023-Sep.pptxNoriega_Sebastian_MBBS_PB1_2023-Sep.pptx
Noriega_Sebastian_MBBS_PB1_2023-Sep.pptx
SebastianNoriega1221 views
WHY for Rotary 2023.09.20.08.56.pptxWHY for Rotary 2023.09.20.08.56.pptx
WHY for Rotary 2023.09.20.08.56.pptx
Paul Menig18 views

Log Forensics from CEIC 2007

Editor's Notes

  1. Integrating Log Analysis into Your Incident Response Practice Monday May 7 — General Lab 1 7:30 a.m. - 9:00 a.m. Presented By Anton Chuvakin Log management and log analysis plays a key role in the area of incident response. As the complexity and frequency of investigations climb so does the understand of how to use logs to quickly diagnose an incident and narrow the scope of an investigation . With the proper procedures, logging settings, and analytical tools an organization can use logs to dramatically increase the productivity and effectiveness of their incident response process. Using hand on examples this lab will show the importance of logs and the specific situation in which they can be used , how they can be used and what their limitation are.