Join us on Wednesday, January 8th at 10am Pacific for the webinar “ Designing logs in the real world”.
The Speaker is Steve Smoot from Corelight
Register here, and also note our list of upcoming webinars.
Abstract:
The real world often breaks simple assumptions of how research is done – when one organization knows what to look for, but wont disclose their secret sauce, it can be tricky to help them generate good logs! Suppose you don’t know which part of a protocol has the key information. Suppose the protocol is based on three or four RFCs, but also has random vendor changes and multiple versions and seem to tell some fibs. Suppose the PCAPs are scarce on the internet and partner organization isn’t allowed to share theirs. How can you hash it out? I’ll go through my journey in developing a log in the “real world.”
Bio:
Steve Smoot has been in and out of open source since coding for his Computer Science PhD at UC Berkeley in the 1990s and has been working in networking since 2000. Presently he is Corelight’s Chief Customer Officer, where he focuses on building technical teams to enable customers to achieve their goals with Zeek (& Suricata). Formerly, he played a catalytic role at Riverbed, scaling from 10 to 2600 people, and before that brought the FastForward Networks technology and how-to to Europe for Inktomi. Previously, he developed video compression technology that enables the video streams we all watch every night. Dr. Smoot is a graduate of MIT and holds a PhD in Computer Science from the University of California at Berkeley.