What is a Next-gen Network Forensics Platform?

The next Central Virginia ISSA event is at Mekong Tuesday, August 13th, 2019.  Beverages will be served beginning 5:45 PM and the presentation will start at 6 PM. 

At the meeting, you will have access to tasty craft beers, wine, delectable  appetizers, and most importantly a hardy discussion on current Information Security issues and challenges lead by knowledgeable practitioners.

Nearly universally, threat hunters and security analysts look to captured packets (PCAP) as “ground truth” to confirm whether a threat is present on their network. Unfortunately, due to the large size of PCAP files full PCAP cannot be stored long enough to provide that ground truth for many threats. Andrew Fast will lead the discussion around the different options organizations have for data storage to maintain forensic value such as filtered packet capture and augmented flow. Then we will describe a new approach, called intelligent packet capture, which uses machine learning to decide which packets to save, *providing* an effective balance between storage costs and forensic value.

Andrew Fast is the Chief Data Scientist and co-founder of CounterFlow AI, where he leads the implementation of streaming machine learning algorithms for CounterFlow AI's ThreatEye next-generation network forensics platform. Previously, Dr. Fast served as the Chief Scientist at Elder Research, Inc., a leading data science consulting firm, where he helped hundreds of companies expand their data science capabilities.  He co-authored the book Practical Text Mining that was published by Elsevier and won the PROSE Award for top book in the field of Computing and Information Sciences for that year. His work on analyzing NFL coaching trees was featured on ESPN.com in 2009.

There is no fee to attend this event as CounterFlow AI has generously sponsored this month's meeting.

So register now, enjoy a great night with CPE credit generating discussion, good beer, and a chance to network with Information Security peers.