FloCon 2018 [Was: Re: vFlow :: IPFIX, sFlow and Netflow collector]

As a two-decades-or-so lurker on this list (since back when I was a wee thing at ATHY/NYSERNet), I’m going to finally break out of lurk mode to thank Avi for his mention of FloCon, and take advantage of this opportunity to tell you all about a conference that might be of interest.

For those who aren’t familiar with it, FloCon is an annual conference organized by CERT, historically focused on network flow and flow data analysis, and particularly its use to support security. (I should note we are *not* US-CERT—we’re the CERT Division of the Software Engineering Institute, operated by Carnegie Mellon University.)

I said “historically focused on network flow” above because one of the changes for 2018 is that we’re expanding the scope of FloCon. This is in response to the trend in the types of submissions we’re receiving for the conference, and in the types of work we at CERT see our sponsors (and the rest of the world) interested in. The new scope for FloCon is data analysis in support of security operations—so, all types of data now, not just flow data or network data.

We still anticipate that network data analysis will be a significant part of FloCon because of its central place in security operations, but we’re hopeful that the expanded scope will allow participants to share new and exciting ways of fusing all sorts of data. (Network flow? Pcap? Passive DNS? Building access data? Incident report contents? Biometric data? Malware hashes? Bring it, whatever it is.)

We tend to get a good mix of security practitioners, tool builders, and researchers each year. I would love to see more people from the ops world join us, since I think the best advances in the state of the practice will come from bringing the brains of all of these groups together.

More information about the conference, including the call for participation, can be found here: https://resources.sei.cmu.edu/news-events/events/flocon/

As the chair for FloCon 2018, I’d be happy to take any questions off-list about the conference.


Rachel A. Kartch
Software Engineering Institute | CERT
4500 Fifth Avenue
Pittsburgh, PA 15213