UPDATE: Justin from the OWASP Philly chapter has a nice write up on my presentation here. He did a really nice job, you should go read it.
Just a quick update to let you know I’m heading to Philadelphia to speak to the local OWASP chapter on Security Intelligence. I set the ground work for this talk in a previous blog post and will go in to more detail on how to use disparate data sources to make better security decisions. Think data warehouses and business intelligence tools all within a security context. I’ll also cover some non-security applications and tools that can be used for security purposes.
The OWASP Phlly meeting is on May 23. Thanks to Aaron Weaver for the invite. More details on the talk are below and on the OWASP Philadelphia chapter site. If you happen to find yourself in the area please come on out. Mention this post and I’ll buy you a beer. 🙂
The Search for Intelligent Life
Synopsis: For years organizations have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. In the information security field we still tend to look at our information in silos. Dedicated engineers solely focused on web application security, network security, compliance and so on, all while bemoaning a lack of information and decision support.
In this talk, Ed will cover some of the many sources of security data publicly available and how to apply them to add context to your security data and tools to help make more intelligent decisions. Ed also points out a number of ways to repurpose information and tools your company is already using in order to glean a clearer view into your security and the threats that may effect it.