Entered the field of cybersecurity in 2008 and has experience in both offensive and defensive security practices. Specializes in incident response and has previously published research reports on supply chain attacks (ICST-ANA-2013-0018) and the Operation DRBControl APT event. In 2023, transitioned into the cloud domain and has been actively contributing to the advancement of cloud information security with eCloudvalley, focusing on cloud security development.
In today's internet environment, enterprises constantly face cybersecurity threats, whether their systems are on-premises or cloud-based. After an attack has caused damage, investigators tracing it back commonly find that the attackers tried to destroy evidence (covering their tracks), which makes the source difficult to identify and leads to repeated hacking incidents. Tracing the attack process becomes more complex still when the enterprise runs a hybrid cloud environment. Building a SIEM system that can both collect security logs and monitor the various parts of a hybrid architecture therefore helps enterprises preserve important logs and monitor threats. This course provides hands-on exercises to help students understand the principles of SIEM and its related functionality.