Protecting the Business: Creating a Security Maturity Model with SIEM
This session is a must-see for anyone who’s curious abou how event-based security managers actually work. Jamie and Destiny present a hands-on, end-to-end, how-to on configuring and using Log and Event Manager. The session will include configuring file integrity monitoring, understating the effects of normalization, and creating event correlation rules. They’ll also do a live demonstration of USB Defender’s insertion, copy activity detection, and USB blocking, Active Directory® user, group, and group-policy configuration for account monitoring, lock-outs for suspicious activity, and detecting security log tampering.
Even if you’re not using LEM or a SIEM tool, this will be a valuable lesson on Active Directory® threat considerations and some real-world examples of attack techniques.