Using Network Flow to Gain Cyber Situational Awareness
- the foundations of cyber situational awareness
- how to apply situational awareness concepts to the cyber domain
- how network flow plays a critical part in gaining situational awareness over today’s complex networks
- tools that can be used to collect and analyze network flow data
- examples that show the successful use of network flow to solve operational and security problems
About the Speaker
Sid Faber is a member of the technical staff within the CERT® Program at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. As a member of the Network Situational Awareness (NetSA) analysis team, Faber supports sponsors by providing detailed reports of current and historical network activities. His current areas of interest include fusing massive network data sets, enabling analysts with tools and methods necessary to defend large networks, using large-scale DNS monitoring to detect malicious behavior, and designing closed networks for improved security. Faber also serves as an adjunct faculty member at the Carnegie Mellon University Heinz College of Information Systems & Management and at the University of Pittsburgh, School of Information Sciences. Prior to joining the SEI, Faber worked as a security architect with Federated Investors, one of the largest investment managers in the United States. His experience includes more than fifteen years in software application security, development, and evaluation, and five years in the U.S. Navy Nuclear Power Officer program.