
SANS GCIA Gold Paper (OHIDS)


My SANS GCIA gold paper has been published! It was a lot of work, but I’m very excited about it. You can get the paper here and the software here.

Abstract

Responding to incidents in an efficient manner is critical for all CIRTs. This paper presents a new open
source tool for the enterprise. With this tool, responders will be able to detect incidents using aggregated
data collected from hosts and applying anomaly detection. OHIDS includes a sensitive data finder to allow
appropriate escalation of the incident. This software can be utilized in a proactive manner by removing SSNs
and credit card data before incidents occur or by detecting unauthorized software running.

 
