Extrusion Detection With Aanval & Bleeding-Edge Snort

Spyware and malware, as well as instant messaging (IM) and peer-to-peer (P2P) networking, are perhaps the most prominent issues in securing enterprise computing environments. The risks are plentiful, including potential loss of confidential data, trojans, and backdoor entry points. This presentation will describe the effort to manage those risks on your network using Aanval, an excellent Snort console from Remote Assessment, and Bleeding-Edge Snort rules designed to readily identify traffic of concern. 

Speakers

---

Russ McRee Senior Security Analyst Microsoft Online Services

Russ McRee is a senior security analyst, researcher, and founder of holisticinfosec.org, where he advocates a holistic approach to the practice of information assurance. Russ' predominant focuses are incident response and web application security; he does both as team lead of Microsoft Online Service’s Security Incident Management team. Russ speaks and writes frequently regarding infosec topics, including toolsmith, a monthly column for the ISSA Journal.