Derek is a security consultant focused on log management, threat detection, and security monitoring. Derek enjoys developing use cases, watching logs like an operator in The Matrix, and looking for interesting ways to detect post-exploitation activity. He is a family man who is also actively involved in the Michigan Security (#MiSec) community.
Determining Normal: Baselining with Security Log and Event Data