OSSEC CON 2014 Recap

OSSEC CON 2014 was held in Cork, Ireland this year to promote OSSEC in EMEA, where we have many users. This year we had several members of the current OSSEC Team speak to our audience.

Jeremy Rossi, currently the OSSEC Development Manager, told us about some of the OSSEC open source history and shared the statistics on the number of OSSEC contributions over the years. The good news is there are more lines of code and programmers contributing them than ever before. Jeremy did all the heavy lifting to move OSSEC over to GitHub, which has really encouraged more people to work on it.

Santiago Gonzales joined us again this year and reviewed his work using Cuckoo in conjunction with OSSEC to detect malware that shows up on Windows-based systems.

New OSSEC Team member and author of Instant OSSEC Host-based Intrusion Detection System, Brad Lhotsky, talked to us about what he has done with OSSEC to help automate his security operations at Booking.com.

Barry O’Meara from AlienVault shared his experiences with using OSSEC with Amazon CloudTrail to provide intrusion detection for AWS instances.

I gave a talk on using Elasticsearch to manage OSSEC security alerts. I have posted all the slides from this and previous OSSEC conferences in the Documentation section of this site.

Finally, Cork was simply beautiful. The weather was great and the hotel accommodations at the Gresham-Metropole were superb. Thanks again to our good friends at AlienVault for sponsoring OSSEC CON 2014. And thanks to all of our conference attendees.

Look for the conference next year to be held at one of the major Unix conferences – to be determined. Thanks to all who attended.

See you next year.