Sponsor Track

CyberCrime Investigator: Forensic Use of HP ArcSight ESM

Expo Theatre (Hall G) October 23, 2012 - Feedback     

Bookmark and Share

Matthew Schnarr

This session explores the concept of network forensic investigations using HP ArcSight ESM, and how security analysts can use it to assist HR or law enforcement with network interception to gather evidence that must preserve chain-of-custody. With the challenges of cloud-based computing and mobile devices, the need for well-defined workflow and the use of industry-accepted tools is even more essential than ever.