A lot of good work on logging standards as well as standards for the “surrounding areas” (correlation rules, parsing rules, etc) will happen at this first-ever NIST workshop on EMAP.
Please mark your calendars to save the date for an EMAP Developer Workshop to be held August 29-30, 2011 at the NIST Campus in Gaithersburg, Maryland. We are still formalizing the agenda, but topics to be covered will include:
· Discussion of target use cases and requirements as identified by EMAP working group.
· CEE Overview and in-depth discussion of current issues.
· Discussion of EMAP component specifications and issues/questions for the community.
· Discussion of EMAP roadmap and connections with other efforts within security automation.
We are in the process of standing up a registration page and creating the agenda. A teleconference line will be provided for those who cannot attend in person. More details to come in the near future, we hope to see you there.
If you are dealing with logs and SIEM (such as building, or even using the tools) and care about standards, please consider attending – but only if you will contribute!
Possibly related posts: