nanog mailing list archives

Previous By Date Next
Previous By Thread Next

FloCon 2018 [Was: Re: vFlow :: IPFIX, sFlow and Netflow collector]

From: Rachel Kartch <rakartch () cert org>
Date: Thu, 18 May 2017 13:12:53 +0000
On May 16, 2017, at 4:40 PM, Avi Freedman <freedman () freedman net> wrote:

    >On a related topic, I'd love to see NANOGers and general netops and perf-minded
    >people go to Flocon (put on by CERT, and heavily but not exclusively SiLK- and
    >security-focused).
    
    >Cross-pollination of interests, tools, and techniques will help us all...
    

As a two-decades-or-so lurker on this list (since back when I was a wee thing at ATHY/NYSERNet), I’m going to finally 
break out of lurk mode to thank Avi for his mention of FloCon, and take advantage of this opportunity to tell you all 
about a conference that might be of interest.

For those who aren’t familiar with it, FloCon is an annual conference organized by CERT, historically focused on 
network flow and flow data analysis, and particularly its use to support security. (I should note we are *not* 
US-CERT—we’re the CERT Division of the Software Engineering Institute, operated by Carnegie Mellon University.)

I said “historically focused on network flow” above because one of the changes for 2018 is that we’re expanding the 
scope of FloCon. This is in response to the trend in the types of submissions we’re receiving for the conference, and 
in the types of work we at CERT see our sponsors (and the rest of the world) interested in. The new scope for FloCon is 
data analysis in support of security operations—so, all types of data now, not just flow data or network data.

We still anticipate that network data analysis will be a significant part of FloCon because of its central place in 
security operations, but we’re hopeful that the expanded scope will allow participants to share new and exciting ways 
of fusing all sorts of data. (Network flow? Pcap? Passive DNS? Building access data? Incident report contents? 
Biometric data? Malware hashes? Bring it, whatever it is.)

We tend to get a good mix of security practitioners, tool builders, and researchers each year. I would love to see more 
people from the ops world join us, since I think the best advances in the state of the practice will come from bringing 
the brains of all of these groups together.

More information about the conference, including the call for participation, can be found here: 
https://resources.sei.cmu.edu/news-events/events/flocon/

As the chair for FloCon 2018, I’d be happy to take any questions off-list about the conference.


Thanks,

Rachel A. Kartch
Software Engineering Institute | CERT
4500 Fifth Avenue
Pittsburgh, PA 15213
rakartch () cert org
Previous By Date Next
Previous By Thread Next

Current thread: