{"id":288,"date":"2007-04-27T03:46:00","date_gmt":"2007-04-27T03:46:00","guid":{"rendered":"https:\/\/defragged.org\/ossec\/?p=288"},"modified":"2020-07-03T03:47:21","modified_gmt":"2020-07-03T03:47:21","slug":"ossec-at-the-sans-log-management-summit","status":"publish","type":"post","link":"https:\/\/defragged.org\/ossec\/2007\/04\/ossec-at-the-sans-log-management-summit\/","title":{"rendered":"OSSEC at the SANS log management summit"},"content":{"rendered":"\n<p><a href=\"http:\/\/blog.vorant.com\/\">David Bianco<\/a>&nbsp;recently spoke about OSSEC at the&nbsp;<a href=\"http:\/\/www.sans.org\/logmgtsummit07\">SANS Log Management Summit 2007<\/a>, with the presentation:&nbsp;<em>\u201cHow to Save $45k (and Look Great Doing it)\u201d<\/em>. Quoting his&nbsp;<a href=\"http:\/\/blog.vorant.com\/2007\/04\/log-management-summit-wrap-up.html\">blog entry reviewing the summit<\/a>:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>On Tuesday morning, I gave my own presentation, \u201cHow to Save $45k (and Look Great Doing it).\u201d This is the story of how we bought a commercial SEM product, only to find that it didn\u2019t really do what we wanted, and replaced it with the free OSSEC. Bad on us for not having our ducks in a row at first, I know. To be totally honest, it wasn\u2019t so easy to get up in front of 100 people and say, \u201cYou know, we made this really expensive mistake\u201d, but sometimes you have to sacrifice for the greater good. \ud83d\ude09<\/p><\/blockquote>\n\n\n\n<p>He also mentions Mike Poor\u2019s presentation,&nbsp;<em>\u201cNetwork Early Warning Systems: Mining Better Quality Data from Your Logging Systems\u201d<\/em>, where Mike speaks about OSSEC in many of his slides. Mike\u2019s presentation is available&nbsp;<a href=\"http:\/\/intelguardians.com\/mikepoorkeynote.pdf\">here<\/a>.<\/p>\n\n\n\n<p>If you went to the summit, please share your experiences with us!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>David Bianco&nbsp;recently spoke about OSSEC at the&nbsp;SANS Log Management Summit 2007, with the presentation:&nbsp;\u201cHow to Save $45k (and Look Great Doing it)\u201d. Quoting his&nbsp;blog entry reviewing the summit: On Tuesday morning, I gave my own presentation, \u201cHow to Save $45k (and Look Great Doing it).\u201d This is the story of how we bought a commercial [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/288"}],"collection":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/comments?post=288"}],"version-history":[{"count":1,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/288\/revisions"}],"predecessor-version":[{"id":289,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/288\/revisions\/289"}],"wp:attachment":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/media?parent=288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/categories?post=288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/tags?post=288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}