- This event has passed.
Event: Featured Speaker | IDS/IPS & Event Correlation: Separating Fact from Fiction

This page documents the November 26, 2007 Arizona Security Practitioners’ Forum session where Hunter Storm presented “IDS/IPS & Event Correlation: Separating Fact from Fiction,” a practitioner‑level examination of detection fidelity, false‑positive reduction, and correlation logic in enterprise SOC environments.
Overview
In this 2007 Arizona Security Practioners Forum (AZSPF) session, Hunter Storm delivered a practitioner‑level examination of IDS/IPS tuning, false‑positive reduction, and event‑correlation logic from the perspective of a working SOC engineer and correlation‑tool architect. The presentation separated operational fact from vendor fiction, clarified common misconceptions about detection fidelity, and explored practical strategies for improving signal‑to‑noise ratios in enterprise environments.
The session included live practitioner participation, reflecting the AZSPF community’s collaborative, hands‑on approach to security engineering.
Key Themes
- Intrusion Detection — operational realities vs. vendor claims
- Intrusion Prevention — tuning for fidelity, not noise
- Event Correlation — logic design, rule construction, and context weighting
- False‑Positive Reduction — practical SOC‑tested strategies
- SOC Engineering — workflow, triage, and analyst burden
- Threat Analysis — interpreting signals in context
Historical Significance
This event is a key entry in the 2007 technical‑presentations cluster, representing Hunter Storm’s early public work in intrusion detection and prevention engineering, event correlation modeling, and SOC‑level operational fidelity. It complements the Hacking Humans debut event by documenting the parallel technical lineage of Storm’s security engineering career.
Audience & Format
Presented to the Arizona Security Practitioners’ Forum — an organic community of InfoSec professionals — the session blended structured content with open discussion, scenario analysis, and practitioner‑driven Q&A.
Hunter Storm | Events and Appearances
- Event: Digital Broadcast Appearance | PBS Jobs Explained! Cybersecurity Career Paths (July 2026)
- Event: Live Panel | Live for the Synthetic Swarm: The Science of Drones — Phoenix Fan Fusion (June 5, 2026, 7:30 PM)
- Event: Virtual Presentation | Femme Fatale to Federal Whistleblower — ISACA Central Ohio (May 28, 2026 12:00 PM)
- Event: Live Panel | Career Panel: Texas A&M Department of Computer Science & Engineering (April 1, 2025, 2:00 PM)
- Event: Live Presentation | The Overlooked Cyber Strategy: Protection from the New Wave of CyberThreats (Professional Attacks, Character Assassination, Doxing, Impersonation, and more) — ISSA Phoenix (June 13, 2019, 2:00 PM)
- Event: Featured Speaker | IDS/IPS & Event Correlation: Separating Fact from Fiction (November 26, 2007, 6:30 PM)
- Event: Live Presentation | Social Engineering: Building a More Secure World Thru Innovative Use of the Truth (June 24, 2026 6:30 PM) – First public presentation of Hacking Humans: The Ports and Services Model of Social Engineering
Discover More from Hunter Storm
- Femme Fatale to Federal Whistleblower — ISACA Central Ohio
- Hunter Storm Official Site
- Hacking Humans | The Ports and Services Model of Social Engineering
- Presentations
- Social Engineering | Building a More Secure World Thru Innovative Use of the Truth
- Résumé | Wells Fargo | SOC Site Lead | Black Ops Team
