Explore event correlation in information security and forensics through this Black Hat conference talk. Delve into the challenges of log analysis, behavior detection, record linkage, and expert systems. Learn about Giles, a compiler that creates event correlation engines, and discover how its output can be used to create SQL databases that function as fully-fledged event correlation engines. Understand the advantages of this approach, including the ability to deploy event correlation engines anywhere a database can be placed and access them using any programming language. Follow along with a live demo and gain insights into the performance benefits and engineering wins of this innovative approach to event correlation.