August 23rd, 2010 by lhaasThe St. Louis chapter of ISACA will present on proactive forensics during its 2010-2011 kick-off meeting on September 15th. Click below for details.
Beyond Reactive: Leverage Forensics to Increase Security and Auditability:
As network environments get larger, faster, and more complex, they become more difficult to secure. With numerous applications, users, and systems interacting, and a staggering array of increasingly complex threats, the number of events to monitor can be overwhelming.
Traditional IT security has largely failed to protect corporations, government and individuals. Typical firewall/anti-virus combinations are reactive and frequently circumvented, and provide little mitigation in the case of data breaches. The problem is apparent with numerous high-profile breaches getting headlines in the last several years DoD, PCI, HIPAA.
This session will focus on the use of proactive forensics and how an organization can audit live systems in real time. Proactive forensics provides advanced capabilities to protect internal & external systems at a very low level and is undetectable to attackers. Benefits discussed will include
• file system monitoring
• live memory capture
• user activity monitoring
• application-aware event monitoring, and
• malware detection
Additionally, we will discuss how this information can be combined with automated differential reporting and how to develop a user-friendly dashboard.
