Past Appearances and Presentations
- (05/29/2002) InfraGard,Pennsylvania chapter, Philadelphia, PA
Presentation: "FTP Attack Case Study"
Text: here.
- (05/30/2002)
InfraGard, New Jersey chapter, Edison, NJ
Presentation: "FTP Attack Case Study"
Text: not public
- (06/18/2002)
FBI Academy, Quantico, VA
Presentation: "Rootkits"
Text: here
- (11/7/2002) ITRA
Honeypots Conference, Las Vegas, NE
Presentation: "Implementing the Honeypot"
Text:
here
- (01/21/2003) NJ
InfraGard, Princeton, NJ
Presentation: "Event Correlation in Security Information Management"
Text: not public
- (08/14/2003) SANS Fire
2003,
Washington, DC
Presentation: "UNIX Rootkits: Detailed Analysis"
Text: not public
- (10/03/2003) "Prevent
Intrusions" with Stephen Northcutt (SANS), Las Vegas, NV
Presentation: "Centralizing Centralization"
Text: here.
- (10/14/2003) "NY ISSA
Meeting",
New York, NY
Presentation: "Incident Response with netForensics"
Text: not public
- (10/23/2003) Securing
Government IT in the Age of Homeland Security, Washington, DC
Presentation: "Honeypots: Implementing, Deploying and Maintaining a
Honeypot"
Text: here.
- (03/16/2004) NJ
InfraGard, Edison, NJ
Presentation: "Security Warrior: How to tell your Linux System is
Hacked"
Text: here.
- (03/23/2004) SearchEnterpriseLinux
webcast
Presentation: "Linux Security"
Text: not public
- (03/24/2004) NY
InfraGard, New York, NY
Presentation: "Security Warrior: Linux Security"
Text: not public
- (05/14/2004) ISSA
Annual Conference,
New York, NY
Presentation: "Threat Intelligence"
Text: not public
- (06/10/2004)DID NOT HAPPEN! InfoSecurity
Canada
Presentation: "Intrusion Prevention via Log Analysis"
Text: not public
- (10/03/2004) SANS Network
Security 2004
Presentation: "Simple Log Mining" (on using data mining-like techniques
for security log analysis)
Text: see loganalysis.org site
- (10/06/2004) SANS
Institute webcast
Presentation: "What's NOT Working in Security in 2004"
Text: here.
- (11/18/2004) NY
ISSA, New York, NY
Presentation: "netForensics SIM: Five Years and Beyond - Evolution of
Security Information Management"
Text: not public
- (12/09/2004) Infosecurity
2004, New York, NY
Presentation: "Log Analysis for Security"
Text: not public
- (04/22/2005) netForensics FUG II, Orlando,
Orlando, FL
Presentation: "nFX OSP Advanced Use Best Practices"
Text: not public
- (05/25/2005) LinuxWorld 2005 NY,
New York, NY
Presentation: "Intrusion Discovery with Linux"
Text: not public
- (07/29/2005) SANS Network Security 2005
Presentation: "TCP/IP for Intrusion Detection, Day 1"
Text: not public
- (08/09/2005) netForensics FUG III,
Washington, DC
Presentation: "netForensics nFX OSP Advanced Use Best Practices"
Text: not public
- (10/25/2005) ISSA NY
Chapter
New York, NY
Presentation: "Vulnerability Management Challenges: SIM to the Rescue"
Text: not public
- (11/14/2005) MISTI
Security and Audit
2005 Orlando, FL
Presentation: "What Every Organization Should Monitor and Log"
Text: not public
- (11/18/2005) USDA IT
Summit
Presentation: "Using SIM for Getting Security Organized (Finally!)"
Text: not public
- (12/13/2005) Security
Metrics Vigilar Webcast
Presentation: "Optimizing Security Operations Performance: You Can't
Manage What You Don't Measure"
Text: not public
- (01/26/2006) Major
bank security
team Unspecified, TX
Presentation: "Log Mining and Baselining Analytics"
Text: not public
- (03/01/2006) SANS
2006
Orlando, FL
Presentation: "Baselining Logs and Alerts"
Text: not public
- (03/22/2006) netForensics
Federal
User Group 2006 Ft Meade, MD
Presentation: "Advanced SIM Use"
Text: not public
- (04/19/2006) NSI Partner
Seminar Simi Valley, CA
Presentation: "Log Management and Intelligence"
Text: not public
- (04/26/2006) United
States Military
Academy at West Point West Point, NY
Presentation/lecture 1: "Logs for Information Assurance"
Presentation/lecture 2: "Log Forensics"
Text: not public
- (05/09-10/2006) North
America
Computer Audit, Control and Security Conference - ISACA NA CACS
Orlando, FL
Presentation 1: "Log Management Best Practices"
Presentation 2: "Log Management for Forensics Investigations"
Text: not public
- (06/13/2006) CSI
NetSec 2006
Scottsdale, AZ
Presentation: "Log Mining for Security"
Text: not public
- (07/13/2006) SANS
Log Management Summit Washington, DC
Presentation 1: Panel on Log Management
Presentation 2: "Choosing a Log Management Approach"
Text: not public
- (09/28/2006) Log
Management Insights Online
Presentation: "New Thinking on Compliance"
Text: here.
- (10/04/2006) SANS
Network Security 2006 Washington, DC
Presentation: "Choosing a Log Management Approach"
Text: not public
- (10/31/2006) Group 451 IT
Innovation Summit Boston, MA
Panel: "Security Sector"
Text: not public
- (11/13/2006) CSI
33rd Annual Conference Orlando, FL
Presentation: "Log Mining for Security"
Text: not public
- (11/15/2006) SC
Magazine Webcast Online
Presentation: "Integrating Log Analysis and Forensics to Deliver
Superior Incident Response: Answering Compliance & Information
Protection Mandates In 2007"
Text: here.
- (11/20/2006) SANS
New Orleans 2006 New Orleans, LA
Presentation: "Selecting A Log Management Approach"
Text: not public
- (12/1/2006) SearchSecurity
Webcast Online
Presentation: "Steps for Continuous Compliance - Automating Your PCI
Compliance"
Text: here.
- (01/18/2007) ISACA
Silicon Valley 2007 Winter Conference Santa Clara, CA
Panel: "Cyber Crime- Security, Strategy & Solutions"
Text: not public
- (01/25/2007) DoD
Cybercrime Conference 2007 St Louis, MO
Presentation: "Five Mistakes of Log Analysis"
Text: not public
- (03/8/2007) IT
Underground 2007 Prague, Czech Republic
Presentation: "Log Mining and Analysis"
Text: not public
- (04/4/2007) SANS
2007 Security Conference San Diego, CA
Presentation: "Selecting A Log Management Approach"
Text: teaser
here
- (04/4/2007) SANS 2007
Security ConferenceSan Diego, CA
Presentation: "NIST Log Management Guide 800-92 in the Real World"
Text: not public
- (04/23/2007) SANS Log
Management Summit 2007 San Jose, CA
Presentation: "Selecting A Log Management Approach"
Text: teaser
here
- (04/23/2007) SANS Log
Management Summit 2007 San Jose, CA
Presentation: "Implementing Log Management" discussion panel
Text: panel
- (05/07/2007) Computer
and Enterprise Investigations Conference 2007 Las Vegas, NV
Presentation: "Integrating Log Analysis into Your Incident Response
Practice"
Text: teaser
here
- (05/8/2007) Unatek
2007 Security Conference 2007 Baltimore, MD
Presentation: NOT PRESENTING
Text: not public
- (05/12/2007) CONFidence
2007 Security Conference Krakow, Poland
Presentation: "System, Network and Security Log Forensics"
Text: teaser
here
- (05/12/2007) CONFidence
2007 Security Conference Krakow, Poland
Tutorial: "Logs for Incident Response"
Text: not public
- (05/30/2007) Interop
Moscow 2007 Moscow, Russia
Presentation: "Trends in IT Security: 20007 and Beyond"
Text: teaser
here
- (05/31/2007) Online
webinar roundtable on log management trends and best practices
webinar
Presentation: "Log Management Trends and Best Practices"
Text: not public
- (06/12/2007) CSI
NetSec Scottsdale, AZ
Presentation: "Six Mistakes of Log Management"
Text: teaser
here
- (06/19/2007) FIRST 2007
Annual Conference Seville, Spain
Tutorial: "Logs for Incident Response"
Text: not public
- (06/27/2007) 2007
G-FIRST National Conference Orlando, Florida
Presentation/tutorial: "Six Mistakes of Log Management"
Text: teaser
here
- (07/27/2007) SANSFire
2007 Washington, DC
Presentation: "Choosing Your Log Management Approach"
Text: not public yet
- (08/11/2007) ISSA
Orange County Chapter Los Angeles, CA
Presentation: "Six Mistakes of Log Management"
Text: teaser
here
- (09/6/2007) LogLogic Webcast online
Panel: "Web Proxy Log Analysis and Log Management"
Text: here
- (09/16/2007) LogLogic Webcast online
Panel: "From FISMA to NIST: Compliance and Log Management"
Text: here
- (09/19/2007) SecureWorld
San Francisco, CA
Panel: "SOX and Security Panel"
Text: N/A
- (09/20/2007) MISTI
IT Security World 2007 San Francisco, CA
Presentation/tutorial: "Log Management From A to Z"
Text: not public yet
- (09/28/2007) SANS NS 2007 Las
Vegas, NV
Presentation/tutorial: "Log Management 'Worst
Practices'"
Text: not public yet
- (11/13/2007) DeVenCI CIT Workshop on
Network Survivability and Recovery Institute for Defense
Analyses, Alexandria VA
Presentation/tutorial: "LogLogic for Log Management'
Text: not public yet
- (12/13/2007) SANS CDI 2007
Washington, DC
Presentation/tutorial: "Log Management 'Worst Practices'
Text: not public yet
- (1/15/2007) SANS Secuity 2008
New Orleans, LA
Presentation/tutorial: "Log Management 'Worst Practices'
Text: not public yet
- (1/17/2007) DoD
CyberCrime 2008 St Louis, MO
Presentation/tutorial: "Seven Mistakes of Security Log Analysis
Text: not public yet
- (01/29/2008) OpenGroup Enterprise
IT Architecture Conference 2008 San Francisco, CA
Presentation: "CEE Logging Standard: Present and Future"
Text: not public yet
- (01/30/2008) Technosium 2008 Conference
Santa Clara, CA
Presentation: "Log Data: The Weapon Of Choice to Thwart Insider
Threats"
Text: not public yet
- (02/04/2008) Honeynet
Workshop for UK intelligence agency that asked not to be identified
Cheltenham, UK
Presentation: "Honeynets vs Insiders"
Text: not public yet
- (02/04/2008) Computer Forensics
Show Washington, DC
Presentation: "Log Forensics"
Text: N/A
- (03/05/2008) WhiteHatWorld Webcast
Presentation: "Log Management Thought Leadership Roundtable"
Text: recording
- (03/12/2008) MISTI
InfoSec World 2008 Orlando, FL
Presentation: "The Five Mistakes of Security and Compliance Log
Analysis"
Text: not public yet
- (03/13/2008) MISTI
Log Management Summit Orlando, FL
Presentation: "Logs for Incident Response"
Text: not public yet
- (03/13/2008) MISTI
Log Management Summit Orlando, FL
Presentation: "Emerging Log Standards"
Text: not public yet
- (03/24/2008) Russian CSO
Summit Moscow, Russia
Presentation: keynote presentation on security trends
Text: not public yet
- (03/31/2008) Next
Generation Security , Logging and Incident Response workshop
Singapore
Presentation: Next Generation Security, Logging and Incident Response
Text: not public yet
- (04/21/2008) TRISC
2008 COnference Austin, TX
Presentation: "Seven Mistakes of Security Log Analysis"
Text: not public yet
- (04/23/2008) Idaho ISSA Chapter
Idaho Falls, ID
Presentation: "Log Forensics"
Text: not public yet
- (04/23/2008) Idaho ISSA Chapter
Idaho Falls, ID
Presentation: "Seven Mistakes of Security Log Management"
Text: not public yet
- (04/30/2008) OWASP CT
Chapter Hartford, CT (here
too)
Presentation: "Application Logging 'Worst Practices'"
Text: not public yet
- (05/12/2008) SANS
SecurityWest, San Diego, CA
Presentation: "'Worst Practices' of Log Management"
Text: not public yet
- (05/14/2008) Secure360 Conference
Minneapolis, MN
Presentation: "Application Logging 'Worst Practices"
Text: not public yet
- (05/22/2008) WhiteHatWorld Webcast
Presentation: "Worst Practices' of Log Management"
Text: recording
- (05/28/2008) O'Reilly Webinar
Presentation: "Worst
Practices' of Log Management"
Text: slides
or recording
- (06/03/2008) 4th Annual G-FIRST
National 2008 Conference, Orlando, FL
Presentation: "Using Logs for Incident Response and Forensics"
Text: not public yet
- (06/05/2008) SANS
webcast
Presentation: "Presenting
Fourth Annual Log Management Survey"
Text: here
- (06/18/2008) SearchSecurity/Bitpipe
Podcast
Presentation: "Eliminating
the Headaches of Log Management - Part 1" and "Eliminating
the Headaches of Log Management - Part 2"
Text: recording (part
1 and part
2)
- (06/23/2008) FIRST 2008
Conference, Vancouver, Canada
Tutorial: "System,
Network and Security Log Analysis for Incident Response"
Text: to be added later
- (06/24/2008) Burton
Group Annual Conference, San Diego, CA
Presentation: "Log
and Event Standard" working group
Text: to be added later
- (07/22/2008) ISC(2)
e-Symposium on Logging and
Reporting: A Foundation for Your Security Infrastructure
Presentation: "Logs As a Vehicle for Accountability in IT and Beyond"
Text: slidesor here or recording
- (07/24/2008) SANSFire 2008,
Washington, DC
Presentation: ""Worst Practices" of Log Management"
Text: not pubic yet
- (07/29/2008) SANS Webcast
Presentation: "Security
Is Not Virtual: Auditing and Logging Considerations to Ensure
Compliance and Protect Virtual Server Environments"
Text: here
- (09/16/2008) GOVCERT.NL
Symposium 2008, Rotterdam, The Netherlands
Presentation: "Logging for Incident Response and Forensics: Key Issues"
Text: TBA
- (09/11/2008) SecureWorld
Bay Area, Santa Clara, CA
Presentation: "PCI
Compliance Panel"
Text: panel
- (10/03/2008) SANS Network Security, Las Vegas, NV
Presentation: "'Worst Practices' of Log Management"
Text: see Slideshare
- (10/30/2008) HITB
2008, Kuala Lumpur, Malaysia
PRESENTATION CANCELLED!
Keynote presentation: "Welome to the 0wned World"
Text: not public yet (see here)
- (11/14/2008) DeepSec
2008, Vienna, Austria
Presentation: "Making Logs Sexy Again: Can We Finally Lose The Regexes?"
Text: not public yet
- (07/16/2009) WITS Symposium , Napa, CA
Presentation: "Consumer Compliance: The Next Generation of Issues"
Text: not public yet
-
(10/23/2009) SeaCureIT, Milan, Italy CANCELLED APPEARANCE
Presentation: TBA
Text: not public yet
-
(10/27/2009) CSI 2009 Annual Conference, Baltimore, MD CANCELLED APPEARANCE
Presentation: "PCI DSS in Cold Numbers"
Text: not public yet
-
(10/27/2009) CSI 2009 Annual Conference, Baltimore, MD
Presentation: "PCI DSS as a Security Framework: Good, Bad or Maybe Ugly?"
Text: not public yet
-
(10/28/2009) BrighTalk PCI Summit Webcast, online
Presentation: "PCI DSS as Framework for Your Security Program: Good or Bad?"
Text: access full recording here
-
(10/28/2009) 5th Annual IT Security Automation Conference, Baltimore, MD
Presentation: "LogChaos: Challenges and Opportunities of Security Log Standardization"
Text: here
-
(10/28/2009) BankInfoSecurity webcast, online
Presentation: "PCI 2010: Trends and Technologies"
Text: full recording here and slides here
-
(11/24/2009) BrightTalk PCI 360: Multiple Perspectives, online
Presentation: "PCI DSS Myths 2009: Fiction and Reality"
Text: full recording here and slides here
- (12/1/2009) State of CA (private class), Sacramento, CA
Training class: SANS 434 "Log Management In-Depth: Compliance, Security, Forensics, and Troubleshooting"
Text: not public.
- (12/7/2009) SANS Cyber Defense Initiative, Washington, DC
Training class: SANS 434 Log Management In-Depth: Compliance, Security, Forensics, and Troubleshooting"
Text: not public.
- (2/8/2010) ShmooCon 2010, Washington, DC
Panel: "PCI DSS: An Existential Threat To Security As We Know It?" with Joshua Corman, Jack Daniel and Mike Dahn
Text: video TBA at ShmooCon site
- (2/9/2010) "SC Magazine" webcast, online
Panel: "Content-Aware SIEM Defined"
Text: here
-
(3/2/2010) SecurityBSides, San Francisco, CA
Presentation: "PCI DSS Discussion Panel"
Text: N/A
- (4/22/2010) SourceBoston, Boston, MA
Presentation: "PCI Done Right and Wrong" with my co-author Branden Williams
Text: here
- (4/28/2010) Honeynet Annual Meeting, Mexico, MX
Training class: "Something about Logs"
Text:
- (5/2/2010) PCI DSS Workshop, Indianapolis, IN
Keynote Presentation: "Spirit of PCI DSS?"
Text: here
- (5/12/2010) Secure 360, Minneapolis, MN
Presentation: "PCI-based Security: Is This For Real?"
Text:
- (7/1/2010) HITB Amsterdam, Amsterdam, Netherlands
Keynote Presentation: "Security Chasm"
Slides: here
Video: TBA
Media coverage: here
- (8/23/2010) BrightTalk webcast
Presentation: "What PCI DSS Taught Us About Security"
Live recording: here
- (10/1/2010) Focus.com webcast
Presentation: "Achieve PCI Compliance and Ensure Security in a Data Deluge"
- (11/9/2010) SANS @ Night, San Francisco, CA
Presentation: "Got SIEM? Now what? Making SIEM work for you!"
Slides: here
- (12/1/2010) Intel - NRF webcast
Presentation: "Address Network Security & Dramatically Reduce PCI DSS Scope with Gateway Tokenization"
- (12/10/2010) BayThreat 2010, San Jose, CA
Presentation: "You Got That SIEM. Now What Do You Do?"
Slides: here
- (2/11/2011) SANS webcast
Presentation: "Proactive Compliance for new PCI-DSS 2.0"
Slides: here
- (2/15/2011) SecurityBSides SF/ RSA 2011, San Francisco, CA
Presentation: "Something Fun About Using SIEM and Not Failing or Only Failing Non-Miserably or Not-Too-Miserably"
Slides: here
- (3/10/2011) BankInfoSecurity webcast
Presentation: "PCI Compliance: Tips, Tricks & Emerging Technologies"
- (3/18/2011) BrightTalk webcast
Presentation: "Using Logs for Breach Investigations and Incident Response"
Live recording: here
Slides: here
|