IDS/IPS & Event Correlation: Separating Fact from Fiction

November 26, 2007 @ 6:30 pm - 8:30 pm MST

This page documents the November 26, 2007 Arizona Security Practitioners’ Forum session where Hunter Storm presented “IDS/IPS & Event Correlation: Separating Fact from Fiction,” a practitioner‑level examination of detection fidelity, false‑positive reduction, and correlation logic in enterprise SOC environments.

 


Overview

In this 2007 Arizona Security Practitioners’ Forum (AZSPF) session, Hunter Storm delivered a practitioner‑level examination of IDS/IPS tuning, false‑positive reduction, and event‑correlation logic from the perspective of a working SOC engineer and correlation‑tool architect. The presentation separated operational fact from vendor fiction, clarified common misconceptions about detection fidelity, and explored practical strategies for improving signal‑to‑noise ratios in enterprise environments.

The session included live practitioner participation, reflecting the AZSPF community’s collaborative, hands‑on approach to security engineering.

 


Key Themes

  • Intrusion Detection — operational realities vs. vendor claims
  • Intrusion Prevention — tuning for fidelity, not noise
  • Event Correlation — logic design, rule construction, and context weighting
  • False‑Positive Reduction — practical SOC‑tested strategies
  • SOC Engineering — workflow, triage, and analyst burden
  • Threat Analysis — interpreting signals in context

 


Historical Significance

This event is a key entry in the 2007 technical‑presentations cluster, representing Hunter Storm’s early public work in detection engineering, correlation modeling, and SOC‑level operational fidelity. It complements the Hacking Humans debut event by documenting the parallel technical lineage of Storm’s security engineering career.

 


Audience & Format

Presented to the Arizona Security Practitioners’ Forum — an organic community of InfoSec professionals — the session blended structured content with open discussion, scenario analysis, and practitioner‑driven Q&A.


Related Pages

  • Hacking Humans | The Ports and Services Model of Social Engineering
  • Presentation Event | Hacking Humans Debut (2007)
  • Fields and Subfields Influenced by Hacking Humans
  • Human‑Layer Security | Definition and Lineage
  • Original 2007 Hacking Humans Slides
  • Original 2007 IDS/IPS Materials

 

Details

Organizer

  • Arizona Security Practitioners’ Forum (AZSPF) — later known as Southwest Cybersecurity Forum (SWCF)
  • Email https://swcsf.org/contact/
