Four weeks from today I will present a one day class on Network Security Monitoring with Open Source Tools at USENIX 2005 in Anaheim, California. This is an improved an updated version of the class I presented last year at USENIX Security 2004.
I am looking forward to teaching this class. It will equip participants with the theory, tools, and techniques to detect and respond to security incidents. Network Security Monitoring (NSM) is the collection, analysis, and escalation of indications and warnings to detect and respond to intrusions. NSM relies upon alert data, session data, full content data, and statistical data to provide analysts with the information needed to achieve network awareness. Whereas intrusion detection cares more about identifying successful and usually known attack methods, NSM is more concerned with providing evidence to scope the extent of an intrusion, assess its impact, and propose efficient, effective remediation steps.
According to the registration details, attending a single day of training costs $625. Discounts for attending more days of training and technical sessions also apply.
I hope to see you in Anaheim! If you can't make it, let me know if you would be interested in this sort of training by sending an email to taosecurity at gmail dot com.