In the daily fight to secure organizations, security analysts are inundated with massive log sets (if one is so fortunate), but with that volume comes a low signal-to-noise ratio. Increase your signal by adding context to your logs, such as tagging blocks of IP addresses based on their region, labeling high-value targets, grouping hosts based on a specific corollary, and tagging AV logs in a vendor-agnostic way when multiple vendors are in use. This additional data enables more intelligent alerts, improves triage for analysts, and enhances security metrics, among many other benefits. Join Quiessence Phillips to learn about the types of context that can be added and the value of adding them.
Quiessence Phillips is the Threat Management Lead for New York City’s Cyber Command, where she leads the Security Operations Center, CERT, and Threat Intelligence functions. She is a cybersecurity professional with 10 years of experience working within the financial industry, as well as a mom, mentor, coder, hacker, and strategist.
Quiessence is the cofounder of a nonprofit EdTech organization – JOURNi, which is building an authentically inclusive tech ecosystem in Detroit.
In efforts to get more women into cybersecurity, she also started Securing Your Path – a community for women interested in forging their path in the industry.
©2017, O'Reilly Media, Inc.