This presentation will discuss the following:

• Fundamental reasons for logging and monitoring beyond basic security concerns
• How to streamline and data-mine your logs for actionable info, using tools like Splunk
• Cut the fat from your logs to maximize their impact without expensive investment in additional tools
• Correlating multiple log data sources to help paint the big picture
• Why using threat intelligence is so important
• Successful practices in logging, alerting, and monitoring – lessons learned from deploying network IDS/IPS for several large Fortune 100 companies

Senior Security Associate Kevin Lawrence speaks at ITAC 2015 Putting Your Logs On a Diet – Network Intrusion Detection – Best Practices