“Out-Of-The-Box” Log Analysis Dashboards – Corey Thuen – RSA20 #7
Dashboards are a great way to enable junior security analysts to be more effective when trying to discover security events. The senior analysts can do the heavy lifting, then create dashboards that can be used by the rest of the organization (including ops, developers, sysadmins, etc.). Corey Thuen is the Founder and CEO of Gravwell, and they want your logs, all of your logs. Gravwell's solution allows you to run queries and create dashboards that lead to actionable events. Corey explains how this works and even how customers are using Gravwell to collect logs on-premise and in the cloud.
Guest
Corey Thuen is a founder of Gravwell and has spent over a decade doing cybersecurity at places like Department of Energy national labs, Digital Bond, and IOActive. That experience is now driving development of a full-stack analytics platform built to alleviate pain points he personally experienced from inflexible tools.