Experimenting with Real-Time Event Feeds

Explore innovative approaches to real-time event monitoring and analysis in this 28-minute Black Hat conference talk. Delve into the limitations of traditional SIEM-based security operations and discover alternative methods for handling high-volume data streams. Learn how to overcome the challenges of pre-configuring log collection and the prohibitive costs of storing raw data. Gain insights into effective strategies for prefiltering and summarizing critical security information, enabling more efficient and proactive threat detection. Presented by Jose Morris, this talk challenges conventional wisdom and offers fresh perspectives on maximizing the value of real-time event feeds in modern cybersecurity operations.

Experimenting with Real-Time Event Feeds