PaulDotCom mailing list archives
Re: Security Threat Dashboard
From: Robert Cazares <robertcazares () gmail com>
Date: Mon, 15 Oct 2012 20:59:57 -0700
On Mon, Oct 15, 2012 at 6:49 PM, Chris Sanders <chris () chrissanders org> wrote:
I've seen situations where some of these dashboards get people in sticky situations when an educated member of management asks "How do you use this dashboard to enhance your operations?"
Yes. In my opinion questions should be expected. Regardless of the tech level of management one should be prepared to explain the tools that you are using. If you can explain the reasoning to yourself, then creating a standard, "this is what this does, this is what that does" should be fairly elementary.
If you have a little time to invest, you can set up some simple graphs using something like PRTG (http://www.paessler.com/prtg) to show traffic load of
PRTG is awesome, as is MRTG. I don't have any active installations right now, but I have with past network incarnations.

SPLUNK is cool. Easy to implement. And for me, the SPLUNK devs are easy to talk to, being that they have an office here in downtown Seattle. It is my understanding that they occasionally pick up the phone too. SPLUNK, in my opinion, has a great free SIEM type product. Takes a little work to get out what you want, but for a free product I think it's great.

If you're in the Greater Seattle area, there is a SPLUNK event tomorrow, October 16, 2012, SPLUNK Live at the Westin Bellevue, 600 Bellevue Way NE, Bellevue, WA 98004. Conveniently located nearby to the NCA 5th annual Security & Technology Conference at the Hyatt Regency in Bellevue.

NCA can be interesting. The latest vendor offering can be found here, as are some developers. It's interesting to see the same people manning the booths year after year. Seems to be very little attrition with these folks.

Disclaimer: I work for none of the aforementioned companies.

If you're attending NCA and want to meet up, find me at 206.650.0478. I'm open to making new local acquaintances in the security arena. Best is to text me as to where to meet up in the hotel. If you do want to meet, please make it early, as I will be departing by 2:30PM as I have to be back at my workstation in Seattle for a 3:30PM meeting.

Well, dang, I hope I didn't hijack this thread. It's just so exciting to be here today. ^)

Robert Cazares
CEH / CSFA / ACE / ASMP
(206) 650-0478 (mobile)
Digital Forensic / InfoSec Analyst
http://e-cybersecurity.blogspot.com
http://robertcazares.carbonmade.com
http://www.linkedin.com/in/robertcazares
http://digitalforensicanalysis.blogspot.com/

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com