Funny you mention SANS. They actually have a recorded webcast put on by Mike Poor and Prism Microsystems - https://www.sans.org/webcasts/log-analysis-ossec-logging-in-depth-90611
I actually haven't listened to it so I don't know how in-depth he goes. May not hurt to try contacting Mike himself. On Wed, May 25, 2011 at 10:23 AM, Walker, Barry <[email protected]>wrote: > Thanks. What I am looking for is more advanced training beyond the basics > since my company is looking at implementing Ossec on an international > basis. The “group” does help and has been immeasurable with the information > that you have provided. Has anyone considered working with SANS, etc and > promoted Ossec within their security gatherings? > > > > BW > > > > > > *From:* [email protected] [mailto:[email protected]] *On > Behalf Of *Jeremy Lee > *Sent:* Wednesday, May 25, 2011 11:48 AM > *To:* [email protected] > *Subject:* Re: [ossec-list] Ossec Training > > > > I haven't come across anything. What *exactly* are you looking to gain from > training? A basic overview of OSSEC? Or more advanced overview of > functionality? > > If the former, there are a number of those types of presentations that can > be found online: > i.e. http://www.colorado.edu/cns/security/servers/hids/ossec_training.pdf > > If the latter, you're "participating" in it right now :) The Google Groups > is the best way to get your questions answered on "how-tos" and almost > everything else. Otherwise, you'll probably need to get creative with Google > searches. Michael Starks (www.immutablesecurity.com) has quite a few good > ideas of using OSSEC and how to accomplish those ideas. > > Otherwise, if you're looking for something more 'official' you may just > want to contact *ossec*@trendmicro.com > > Perhaps someone else can chime in if I'm missing something. > > On Wed, May 25, 2011 at 8:26 AM, Walker, Barry <[email protected]> > wrote: > > Being new to Ossec I have been searching for available training, either > online or instructor-lead, but haven't found much of an offering. I > purchased the book/CD and that is only the tip of the iceberg. Does anyone > know of a good source of training specifically for Ossec? > > BW > > >
