Building an Effective Intrusion Detection Program presented at BSidesSanFrancisco 2017

by Jason Craig,

Summary : Modern breaches are often undetected for hundreds of days. Effective intrusion detection doesn't need to be so hard. This talk will outline how one can build an effective intrusion detection program on the cheap using free and/or inexpensive tools, and some brains. We'll compare and contrast some of the techniques employed in newsworthy breaches over the recent past and how we can catch them in a timely manner. We'll cover cloud apps, endpoints, network security monitoring, and how to crowd source incident response.