Intrusion Detection Systems Archive

When Prevention Fails: Extending IR and Digital Forensics to the Corporate Network (slides from SANS Boston 2011)


The slides from my @night talk at SANS Boston 2011 are available for download now: When Prevention Fails, Extending IR and Digital Forensics Capabilities to the Corporate Network (PDF – 6,2 MB). Thanks to Barbara Basalguete, Stephen Northcutt and the rest of the SANS crew for the opportunity to participate in such a great event, as well [...]

Community SANS and SEC 503 comes to Berlin! 16-21 May


I can’t think of any better place to be in May than… Berlin!! So all packet-ninjas looking to improve their TCP/IP and traffic analysis skills are welcome to join us in the first ever Community SANS Berlin for the SECURITY 503: Intrusion Detection In-Depth track. A full description of the event can be found here: [...]

Teaching Community SANS Security 503: Intrusion Detection In-Depth


I’m glad to announce that I will be teaching Community SANS Security 503: Intrusion Detection In-Depth at Banbury, Oxfordshire (UK). This 6-day course will run from Monday, February 15, 2010 through Saturday, February 20, 2010.

Security Onion LiveCD is now available


I read in Doug Burks’ tweet that his Security Onion LiveCD is now available for download. Being a serious Sguil fan, I can’t do anything but recommend you have a look at this new live distro.