Posted in Presentations
This talk shows how, on a large container deployment, the speaker gained visibility into security events (file events on sensitive files, system call auditing, a user-level activity trail, network activity, and more) by customizing and plumbing together a stack of open source tools built on the Linux kernel's inotify and audit subsystems, and by aggregating those events centrally in Elasticsearch.
Learning Objectives:
1: Learn about FIM and system call analysis using FOSS.
2: Gain insights from presenter’s experience implementing a large-scale solution.
3: See how easy access to insight into events can help secure an environment.
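As an added illustration of the plumbing the abstract describes (this is example code written for this page, not the speaker's tooling): a small Python parser that joins the kernel audit records belonging to one event (SYSCALL, CWD, PATH, PROCTITLE) into a single JSON document ready for bulk indexing into Elasticsearch. The audit rule in the comment, the sample records, and the index name `audit-fim` are constructed for the example.

```python
"""Join auditd records of one event into an Elasticsearch-ready document.

Assumed audit rule that produced the constructed records below (auditctl syntax):
    -w /etc/ssh/sshd_config -p wa -k sshd_config
Example code, not part of the original presentation.
"""
import json
import re
from collections import defaultdict
from datetime import datetime, timezone

# Header of every audit record: type=<TYPE> msg=audit(<epoch>.<ms>:<serial>): <fields>
_HEADER = re.compile(
    r'^type=(?P<type>\S+) msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\):\s*(?P<rest>.*)$')
# key=value pairs; values are either "quoted" or a bare token
_KV = re.compile(r'(\w+)=("([^"]*)"|\S+)')

# Constructed sample: root edits sshd_config with vi (event 4567), then an
# unprivileged user fails to open it with EACCES (event 4568). The "----"
# line imitates an ausearch separator and must be skipped.
SAMPLE_LINES = [
    'type=SYSCALL msg=audit(1700000000.123:4567): arch=c000003e syscall=257 success=yes exit=3 '
    'a0=ffffff9c a1=7ffd9c5e1b20 a2=241 a3=1b6 items=2 ppid=1201 pid=1337 auid=1000 uid=0 gid=0 '
    'euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="vi" exe="/usr/bin/vi" '
    'subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key="sshd_config"',
    'type=CWD msg=audit(1700000000.123:4567): cwd="/root"',
    'type=PATH msg=audit(1700000000.123:4567): item=0 name="/etc/ssh/" inode=262146 dev=fd:00 '
    'mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT',
    'type=PATH msg=audit(1700000000.123:4567): item=1 name="/etc/ssh/sshd_config" inode=262250 '
    'dev=fd:00 mode=0100600 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL',
    'type=PROCTITLE msg=audit(1700000000.123:4567): proctitle=7669002F6574632F7373682F737368645F636F6E666967',
    '----',
    'type=SYSCALL msg=audit(1700000000.456:4568): arch=c000003e syscall=257 success=no exit=-13 '
    'a0=ffffff9c a1=55d1c0a2f2a0 a2=0 a3=0 items=1 ppid=2200 pid=2215 auid=1001 uid=1001 gid=1001 '
    'euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 tty=pts1 ses=4 comm="cat" '
    'exe="/usr/bin/cat" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key="sshd_config"',
    'type=CWD msg=audit(1700000000.456:4568): cwd="/home/alice"',
    'type=PATH msg=audit(1700000000.456:4568): item=0 name="/etc/ssh/sshd_config" inode=262250 '
    'dev=fd:00 mode=0100600 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL',
]


def parse_record(line):
    """Parse one audit record line into type, timestamp, serial and a field dict.
    Returns None for lines that are not audit records (separators, noise)."""
    m = _HEADER.match(line.strip())
    if not m:
        return None
    fields = {}
    for key, raw, quoted in _KV.findall(m.group('rest')):
        fields[key] = quoted if raw.startswith('"') else raw
    return {'type': m.group('type'), 'ts': float(m.group('ts')),
            'serial': int(m.group('serial')), 'fields': fields}


def build_doc(records):
    """Fold all records sharing one serial into a single flat document."""
    first = records[0]
    doc = {'audit_serial': first['serial'],
           '@timestamp': datetime.fromtimestamp(first['ts'], tz=timezone.utc).isoformat(),
           'paths': []}
    for rec in records:
        f = rec['fields']
        if rec['type'] == 'SYSCALL':
            key = f.get('key')
            doc.update({
                'syscall': int(f['syscall']),
                'success': f.get('success') == 'yes',
                'exit': int(f['exit']) if 'exit' in f else None,
                'uid': int(f['uid']), 'auid': int(f['auid']),   # auid = login uid (who really did it)
                'pid': int(f['pid']), 'ppid': int(f['ppid']),
                'comm': f.get('comm'), 'exe': f.get('exe'),
                'tty': f.get('tty'), 'ses': f.get('ses'),
                'key': None if key == '(null)' else key,      # the -k tag from the audit rule
            })
        elif rec['type'] == 'CWD':
            doc['cwd'] = f.get('cwd')
        elif rec['type'] == 'PATH':
            doc['paths'].append({'name': f.get('name'), 'nametype': f.get('nametype'),
                                 'mode': f.get('mode'), 'inode': f.get('inode')})
        elif rec['type'] == 'PROCTITLE':
            # proctitle is hex-encoded argv with NUL separators; render as a command line
            raw = bytes.fromhex(f['proctitle']).replace(b'\x00', b' ')
            doc['proctitle'] = raw.decode('utf-8', errors='replace').strip()
    return doc


def join_events(lines):
    """Group audit records by serial (in first-seen order) and build one doc per event."""
    by_serial, order = defaultdict(list), []
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        if rec['serial'] not in by_serial:
            order.append(rec['serial'])
        by_serial[rec['serial']].append(rec)
    return [build_doc(by_serial[s]) for s in order]


def to_bulk(docs, index):
    """Render docs as an Elasticsearch _bulk body (action line + source line per doc)."""
    out = []
    for doc in docs:
        out.append(json.dumps({'index': {'_index': index}}))
        out.append(json.dumps(doc))
    return '\n'.join(out) + '\n'


if __name__ == '__main__':
    print(to_bulk(join_events(SAMPLE_LINES), 'audit-fim'))
```

The join-by-serial step is the part that matters in practice: a single `open()` of a watched file produces several audit records, and indexing them individually leaves the analyst to reassemble uid, path and outcome by hand. Once the records are one document, questions like "which login uid wrote to sshd_config" or "who failed to read it" become simple Elasticsearch queries on `key`, `auid`, `success` and `paths.name`.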
RSAC™ Conference presentation.