Blog about information security and other random topics
Friday, October 10, 2008
ArcSight Tools Slide Deck
Wow, I've just been buried, both at work and at home. I promised a sanitized copy of our slides from the ArcSight User Conference and here they are. A month late. Enjoy.
1 comment:
Anonymous
said...
Paul, interesting read. What I try to do is launching all browsers for doing 'some' investigation in a sandboxed environment by using sandboxie. Got any other methods? Also how many tools do you have currently in your tools list? I'm wondering, as for myself I have about 40 tools and I have colleagues that might have 5 (and use none..) One thing keeps bugging me though How do you stop ArcSight from closing your investigation tool when you close your 'Tools Results' window? & will that be solved in the newest release?
1 comment:
Paul, interesting read.
What I try to do is launching all browsers for doing 'some' investigation in a sandboxed environment by using sandboxie. Got any other methods?
Also how many tools do you have currently in your tools list? I'm wondering, as for myself I have about 40 tools and I have colleagues that might have 5 (and use none..)
One thing keeps bugging me though
How do you stop ArcSight from closing your investigation tool when you close your 'Tools Results' window? & will that be solved in the newest release?
Tia, nqe
Post a Comment