Loading…
Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.

Log in to bookmark your favorites and sync them to your phone or calendar.

Track 4 [clear filter]
Tuesday, June 5
 

10:00 BST

My log obeys commands - Parse!
Vendor content isn't always enough - log formats change, new products arrive and you can't always wait or pay the arm and leg for professional services. Learn the basics of turning logs from raw data to structured information.
- Expand your knowledge of regular expressions
- Try it out with some common log formats
- Discover re-usable patterns
- Prioritise key data

**Requirements**
Laptop with virtualbox

Speakers
JL

Joash Lewis

Who am I and why should you listen to me about log parsing?For the past 4 1/2 years I've been a Security Operations Centre Analyst.I've worked with some pretty big SIEM installations (hundreds of millions of events per day) for some pretty big organisations (NATO, for example).Along... Read More →


Tuesday June 5, 2018 10:00 - 12:00 BST
Workshop 4 ILEC Conference Centre 47 Lillie Road London SW6 1UD

12:30 BST

Do you even sniff, Bro? An Introduction to Bro IDS
An introduction into Bro IDS, a brilliant open source gem in the Blueteam detection arsenal.  
We'll cover best practise for architecture and implementation, after that it'll be hands on with Bro. Getting deeper we'll analyse some traffic, explore RDP coming from the outside the network, domain frequency for exfil/malware, top ports/talkers etc. We'll show some easy wins and give you useful tips that you can use in your own environment.

Demos, exercises and the material will be available on Github for further exploration.

**Requirements**
Laptop, complete with virtualbox. Should have a basic understanding of networks.

Speakers
ME

Michael Eriksson

Michael Eriksson is a Senior Cyber Security Specialist in Sophos, responsible for global network attack detection systems, protecting Sophos' networks.
CJ

Craig Jones

Senior Manager - Security Engineering, Sophos
 Craig is Senior Manager of Security Engineering in Sophos, responsible for detection engineering, IR and security infrastructure.​@albanwr​​​


Tuesday June 5, 2018 12:30 - 16:30 BST
Workshop 4 ILEC Conference Centre 47 Lillie Road London SW6 1UD
 

Twitter Feed