Enhancing IPS/IDS With Vm Data

Robert Wagner, Information Security Architect, TransUnion

  • Introduction (00:00:00)
  • Chapter Title (00:00:15)
  • The Issues (00:01:04)
  • Solution Strategy (00:02:12)
  • Chapter Title (00:02:14)
  • Chapter Title (00:02:20)
  • IDS Events without Context (00:02:31)
  • Contextual Data Reduces Event Investigation (00:02:54)
  • Methods of Adding Context (00:03:27)
  • Chapter Title (00:03:45)
  • Passive Detection & Identification (00:05:05)
  • Active Scanning (00:06:02)
  • Passive Data's Impact (00:06:36)
  • Chapter Title (00:06:52)
  • Why Add Qualys Data? (00:07:11)
  • Example of Sourcefire Event Impact Analysis (00:08:04)
  • Qualys Data Import (00:08:27)
  • Chapter Title (00:08:52)
  • Chapter Title (00:09:25)
  • Detail on Vulnerability (00:09:35)
  • Impact Assessment After Qualys Data Added (00:09:50)
  • Net Results (00:10:01)
  • Notes About Current Implementation (00:10:26)
  • Next Steps (00:11:15)
Introduction