Workshop: Grepping For Gold presented at Blackhat Europe 2011

by Wim Remes (Ernst & Young), Xavier Mertens (c-cure)

Tags: Security

Summary: Don't let WikiLeaks happen to you!!
Let's try this again!
System, network and application logs are a treasure trove for sysadmins, incident handlers and forensic analysts. Manually sifting through the data, however, is a task that few among us enjoy. In this workshop Xavier and Wim will introduce you to several free and open source tools that will enable you to identify events of interest: working on event logs from various systems, analyzing a mock incident, and visualizing seemingly meaningless blobs of data to bring out the information that you need to do your job.
We assume a good knowledge of Windows and Unix/Linux system administration and scripting (Python/Perl). Bringing your own laptop able to run one or more Linux virtual machines (VMware) will significantly improve the learning experience.
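To give a concrete flavour of the "events of interest" the abstract talks about, here is a small added example, written for this page and not part of the workshop material or its tooling. It parses a handful of constructed syslog-style sshd lines (the hostnames, users and documentation-range IP addresses are made up, and the log year is assumed to be 2011 since syslog omits it) and flags two patterns an incident handler would want to see first: a burst of failed logins from one source within a short window, and a successful login from a source that has just produced such a burst. The threshold and window are illustrative parameters, not values the workshop prescribes.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample of /var/log/auth.log-style lines (not real data, not from the workshop).
SAMPLE_AUTH_LOG = """\
Nov 15 10:00:01 bastion sshd[2301]: Failed password for invalid user admin from 203.0.113.7 port 52011 ssh2
Nov 15 10:00:03 bastion sshd[2304]: Failed password for root from 203.0.113.7 port 52013 ssh2
Nov 15 10:00:04 bastion sshd[2306]: Failed password for invalid user test from 203.0.113.7 port 52015 ssh2
Nov 15 10:00:06 bastion sshd[2309]: Failed password for root from 203.0.113.7 port 52019 ssh2
Nov 15 10:00:09 bastion sshd[2312]: Accepted password for root from 203.0.113.7 port 52022 ssh2
Nov 15 10:05:41 bastion sshd[2350]: Accepted publickey for wim from 198.51.100.23 port 41022 ssh2
Nov 15 10:07:12 bastion sshd[2371]: Failed password for xavier from 198.51.100.23 port 41030 ssh2
Nov 15 10:07:20 bastion sshd[2373]: Accepted password for xavier from 198.51.100.23 port 41031 ssh2
Nov 15 10:09:00 bastion cron[2400]: (root) CMD (run-parts /etc/cron.hourly)
"""

# Generic syslog prefix: "Mon DD HH:MM:SS host prog[pid]: message"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<prog>[\w-]+)\[\d+\]: (?P<msg>.*)$"
)
# OpenSSH authentication outcome lines (password or public key).
SSH_RE = re.compile(
    r"^(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_events(log_text, year=2011):
    """Turn raw syslog lines into dicts; sshd auth lines get result/user/ip fields.
    Lines that do not match the syslog shape are skipped rather than crashing the run."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        # syslog carries no year, so one is assumed (2011 here) to build a real timestamp
        ev["time"] = datetime.strptime(f"{year} {ev['ts']}", "%Y %b %d %H:%M:%S")
        s = SSH_RE.match(ev["msg"]) if ev["prog"] == "sshd" else None
        if s:
            ev.update(s.groupdict())
        events.append(ev)
    return events


def find_events_of_interest(events, threshold=3, window_seconds=60):
    """Flag, per source IP, a burst of `threshold` failed logins inside `window_seconds`,
    and any accepted login from an IP that still has such a burst in its window."""
    recent_failures = defaultdict(list)  # ip -> timestamps of failures inside the window
    findings = []
    for ev in events:
        result = ev.get("result")
        if result is None:
            continue  # not an sshd authentication line (e.g. cron)
        ip = ev["ip"]
        # slide the window: keep only failures no older than window_seconds before this event
        recent_failures[ip] = [
            t for t in recent_failures[ip]
            if (ev["time"] - t).total_seconds() <= window_seconds
        ]
        if result == "Failed":
            recent_failures[ip].append(ev["time"])
            if len(recent_failures[ip]) == threshold:  # fire once when the burst is reached
                findings.append({"type": "brute_force", "ip": ip,
                                 "time": ev["time"], "count": threshold})
        elif len(recent_failures[ip]) >= threshold:
            # a success right after a burst is the line worth reading first
            findings.append({"type": "success_after_failures", "ip": ip,
                             "user": ev["user"], "time": ev["time"],
                             "failures": len(recent_failures[ip])})
    return findings


if __name__ == "__main__":
    for f in find_events_of_interest(parse_events(SAMPLE_AUTH_LOG)):
        print(f["time"].isoformat(), f["type"], f["ip"], f.get("user", ""))
```

On the sample above the script reports one brute-force burst from 203.0.113.7 and then an accepted root password login from the same address seconds later; the single failure from 198.51.100.23 followed by a success stays below the threshold, which is the kind of noise the window and threshold are there to suppress. A `grep Failed | awk '{print $(NF-3)}' | sort | uniq -c` pipeline gives the same per-IP counts, but loses the ordering that turns "many failures" into "many failures, then success".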

Wim Remes: Wim Remes is an information security consultant working for Ernst & Young in Belgium with a particular interest in intrusion detection, attack prevention and security monitoring.