Thursday 

Room 1 

15:00 - 16:00 

(UTC+01

Talk (60 min)

Learning security monitoring through failure

Cloud Security
People
Process

Security operations centers are something out of a book of forbidden spells. Usually hidden in the basement or behind a glass wall, shrouded in secrecy and rarely spoken about - but why?

Well, I don't know, but if you've ever wanted to learn about what security monitoring is and how you can leverage it for improved security, look no further!

In this talk we will learn about security operations by the way we screw it up. Join me for some interesting war stories, anti-patterns and hopefully some valuable pieces of hard-earned advice!

Truls Dahlsveen

Hi, I’m Truls. I’m a security engineer with a passion for, well, automation and security. I’m a Microsoft MVP in Security for the “SIEM & XDR” category. My experience includes system administration, development/automation engineering and penetration testing.

I like to speak and write to give insights on various topics related to security and automation, where I cover a wide range of subjects from cloud security strategies and log ingestion techniques, to hands-on demonstrations for security operations in topics like SIEM best practice, SOAR, detection engineering and a lot more stuff that I find interesting. Outside work I spend most of my time on either Inferno or the Rift!