From Data to Wisdom: Transforming Security Events into Actionable Incidents

Tuesday, April 19, 2016 | 5:30PM–6:30PM | Cascade Ballroom II, Mezzanine Level, Second Floor
Session Type: Professional Development
Learn how our Security Operations team is dealing with the challenges of processing security data into actionable intelligence. In this presentation, we will discuss our model and demonstrate tools we are developing to facilitate each step in the process, including the collection of raw event data from a variety of detection sources; the consolidation/correlation of event data into alerts for human analysis; the analysis of alerts to identify actionable Incidents; the enrichment of incidents with additional data for classification and workflow management; and reporting for trend analysis, resource prioritization, and process improvements. Following the demo we will invite questions, idea sharing, and potential opportunities for collaboration.


OUTCOMES: Understand and appreciate security data analysis challenges * Learn how these challenges have been addressed at UC Berkeley * Share ideas for improvements to tools and processes and identify opportunities for future collaboration

Presenters

  • Steven Hansen

    Security Operations Developer, University of California, Berkeley

  • Allison Henry

    Chief Information Security Officer, University of California, Berkeley

Resources & Downloads

SPC 2016 Presentation Slides
5 MB, Powerpoint Slides
Uploaded on 05/03/2016