Checklist for Network Security Monitoring (NSM) for On-premise, Data Centers and Cloud set-ups
This checklist was developed from the Birds of a Feather (BOF) session on Tooling for NSM held on 15 June 2021 under the Anomalous Network Detection Patterns p…
Observability, anomaly detection and deep defense form the cycle for early detection of attacks and network breaches.
Speakers from the FreeBSD community, CRED, AWS, Datadog, Farsight Securities and other organizations will share their experiences with processes and tools for tightening the loops of network security and anomaly detection, and how to build robust observability workflows.
The conference will cover topics ranging from:
- Network Security Monitoring (NSM)
- Unified approach to observability
- VPN connectivity and unusual traffic patterns
- Response Policy Zones (RPZ)
- Network behaviour analysis and early indicators of attack
The conference is open for participation to the following practitioners:
- SRE teams.
- Observability geeks.
- Engineers who work with Cloud infrastructure.
- Network security engineers.
- DevSecOps teams and practitioners.
See the schedule at https://hasgeek.com/rootconf/detecting-anomalous-network-patterns/schedule
Anatomy of an attack
Network behaviour analysis often leads to early indicators of attack. However, network behaviour needs to be augmented with additional data points such as user behaviour, data flow characteristics, threat intelligence and anonymous API calls to identify and establish threat patterns.
There are mechanisms for preventive and detective controls. In this session we will look at the anatomy of an attack and how to leverage various capabilities to identify various indicators and trace the attack path.